framework

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel

cybersecurity, Don't miss, framework, Hot stuff, MITRE, MITRE ATT&CK, News, Video /

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel 2025-05-19 at 07:04 By Help Net Security In this Help Net Security video, Adam Pennington, MITRE ATT&CK Lead, breaks down what’s new in the ATT&CK v17 release. He highlights the addition of the ESXi platform, new and updated techniques for Linux, refinements to mitigation guidance, and […]

React to this headline:

Loading spinner

Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel Read More »

Cybersecurity Skills Framework connects the dots between IT job roles and the practical skills needed

cybersecurity, framework, News, OpenSSF, The Linux Foundation /

Cybersecurity Skills Framework connects the dots between IT job roles and the practical skills needed 2025-05-16 at 08:08 By Help Net Security The Linux Foundation, in collaboration with OpenSSF and Linux Foundation Education, has released the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad

React to this headline:

Loading spinner

Cybersecurity Skills Framework connects the dots between IT job roles and the practical skills needed Read More »

UNIDIR Intrusion Path: New framework to analyze ICT environment activities

critical infrastructure, framework, ICS/SCADA, News /

UNIDIR Intrusion Path: New framework to analyze ICT environment activities 2025-05-13 at 07:37 By Help Net Security Malicious activity in the ICT environment is growing. However, a non-technical audience often struggle to understand these threats, either because technical explanations are too complex or because media coverage oversimplifies the issues. To help understand and analyze these

React to this headline:

Loading spinner

UNIDIR Intrusion Path: New framework to analyze ICT environment activities Read More »

Villain: Open-source framework for managing and enhancing reverse shells

Don't miss, framework, GitHub, News, open source, software /

Villain: Open-source framework for managing and enhancing reverse shells 2025-04-30 at 08:04 By Mirko Zorz Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, Villain enhances these shells with added functionality, offering commands and utilities, and allowing for shell sessions sharing across

React to this headline:

Loading spinner

Villain: Open-source framework for managing and enhancing reverse shells Read More »

13 core principles to strengthen AI cybersecurity

Artificial Intelligence, ETSI, framework, News, security standard, standards /

13 core principles to strengthen AI cybersecurity 2025-04-25 at 07:55 By Help Net Security The new ETSI TS 104 223 specification for securing AI provides reliable and actionable cybersecurity guidance aimed at protecting end users. Adopting a whole-lifecycle approach, the framework outlines 13 core principles that expand into 72 detailed, trackable principles across five key

React to this headline:

Loading spinner

13 core principles to strengthen AI cybersecurity Read More »

Strategic AI readiness for cybersecurity: From hype to reality

Artificial Intelligence, Aryaka, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, News, opinion, strategy /

Strategic AI readiness for cybersecurity: From hype to reality 2025-04-16 at 08:34 By Help Net Security AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI

React to this headline:

Loading spinner

Strategic AI readiness for cybersecurity: From hype to reality Read More »

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework

Bluetooth, Don't miss, framework, GitHub, Hot stuff, News, open source, software /

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework 2025-04-02 at 07:35 By Mirko Zorz BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made specifically

React to this headline:

Loading spinner

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework Read More »

AMTSO Releases Sandbox Evaluation Framework

AMTSO, framework, Malware & Threats, sandbox, testing /

AMTSO Releases Sandbox Evaluation Framework 2025-03-26 at 17:31 By Eduard Kovacs AMTSO has developed a Sandbox Evaluation Framework to standardize the testing of malware analysis solutions.  The post AMTSO Releases Sandbox Evaluation Framework appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:

React to this headline:

Loading spinner

AMTSO Releases Sandbox Evaluation Framework Read More »

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Cloudflare, Don't miss, framework, Hot stuff, News, Next.js, open source, PoC, ProjectDiscovery, vulnerability, web application security, web development /

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 2025-03-24 at 15:17 By Zeljka Zorz A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel).

React to this headline:

Loading spinner

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) Read More »

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation

Citizens, cyber resilience, cybersecurity, Don't miss, Features, financial industry, framework, Hot stuff, News, opinion, security controls, strategy /

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation 2025-03-04 at 09:23 By Mirko Zorz In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to frameworks like NIST is essential for continuous improvement and that data protection

React to this headline:

Loading spinner

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation Read More »

AI security posture management will be needed before agentic AI takes hold

Artificial Intelligence, authentication, bot, cybersecurity, Don't miss, Expert analysis, Expert corner, Features, framework, IBS Software, News, opinion /

AI security posture management will be needed before agentic AI takes hold 2025-01-27 at 07:40 By Help Net Security As I’m currently knee deep in testing agentic AI in all its forms, as well as new iterations of current generative AI models such as OpenAI’s O1, the complexities of securing AI bot frameworks for enterprise

React to this headline:

Loading spinner

AI security posture management will be needed before agentic AI takes hold Read More »

AI-driven insights transform security preparedness and recovery

Artificial Intelligence, cybersecurity, Digitate, Don't miss, Features, framework, Hot stuff, News, opinion, strategy /

AI-driven insights transform security preparedness and recovery 2025-01-20 at 07:04 By Mirko Zorz In this Help Net Security interview, Arunava Bag, CTO at Digitate, discusses how organizations can recover digital operations after an incident, prioritize cybersecurity strategies, and secure digital operations with effective frameworks. What measures should organizations take to recover digital operations after an

React to this headline:

Loading spinner

AI-driven insights transform security preparedness and recovery Read More »

EU takes decisive action on healthcare cybersecurity

cyber resilience, cybersecurity, Data Protection, EU, European Commission, framework, Government, healthcare, News /

EU takes decisive action on healthcare cybersecurity 2025-01-17 at 06:39 By Help Net Security The Commission has presented an EU action plan aimed at strengthening the cybersecurity of hospitals and healthcare providers. The initiative is an essential step in shielding the healthcare sector from cyber threats. Digitalization is revolutionizing healthcare, enabling better patient services through

React to this headline:

Loading spinner

EU takes decisive action on healthcare cybersecurity Read More »

A humble proposal: The InfoSec CIA triad should be expanded

Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Foresight Cyber, framework, Government, Hot stuff, News, opinion, standards /

A humble proposal: The InfoSec CIA triad should be expanded 2025-01-16 at 06:35 By Help Net Security The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point

React to this headline:

Loading spinner

A humble proposal: The InfoSec CIA triad should be expanded Read More »

GitLab CISO on proactive monitoring and metrics for DevSecOps success

Artificial Intelligence, cybersecurity, DevSecOps, Don't miss, Features, framework, GitLab, Hot stuff, LLMs, News, opinion, security metrics, software development /

GitLab CISO on proactive monitoring and metrics for DevSecOps success 2025-01-09 at 07:32 By Mirko Zorz In this Help Net Security interview, Josh Lemos, CISO at GitLab, talks about the shift from DevOps to DevSecOps, focusing on the complexity of building systems and integrating security tools. He shares tips for maintaining development speed, fostering collaboration,

React to this headline:

Loading spinner

GitLab CISO on proactive monitoring and metrics for DevSecOps success Read More »

The future of data and AI: Seven trends shaping 2025 and beyond

Artificial Intelligence, automation, BigID, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Hot stuff, News, opinion, predictions /

The future of data and AI: Seven trends shaping 2025 and beyond 2024-12-27 at 07:31 By Help Net Security In 2025, seven trends will shape the future of data and AI, offering advantages for those who see these changes not as challenges but as opportunities to innovate and excel. The post The future of data

React to this headline:

Loading spinner

The future of data and AI: Seven trends shaping 2025 and beyond Read More »

How open-source MDM solutions simplify cross-platform device management

cybersecurity, Don't miss, Features, Fleet, framework, Hot stuff, mobile devices, News, open source, opinion, security standard, strategy /

How open-source MDM solutions simplify cross-platform device management 2024-11-01 at 07:33 By Mirko Zorz In this Help Net Security interview, Mike McNeil, CEO at Fleet, talks about the security risks posed by unmanaged mobile devices and how mobile device management (MDM) solutions help address them. He also discusses employee resistance to MDM and how open-source

React to this headline:

Loading spinner

How open-source MDM solutions simplify cross-platform device management Read More »

How NIS2 will impact sectors from healthcare to energy

CISO, Compliance, cybersecurity, Don't miss, EU, Features, framework, Hot stuff, News, opinion, Risk Management, security standard, Splunk, strategy /

How NIS2 will impact sectors from healthcare to energy 2024-10-17 at 07:02 By Mirko Zorz In this Help Net Security interview, Mick Baccio, Global Security Advisor at Splunk SURGe, discusses the far-reaching implications of the NIS2 Directive beyond traditional IT security. He explains how NIS2 will fundamentally change cybersecurity governance, making it a core aspect

React to this headline:

Loading spinner

How NIS2 will impact sectors from healthcare to energy Read More »

The NHI management challenge: When employees leave

authentication, credentials, cybersecurity, Don't miss, Entro, Expert analysis, Expert corner, framework, Hot stuff, News, Non Human Identities, opinion /

The NHI management challenge: When employees leave 2024-10-15 at 08:01 By Help Net Security An employee is exiting your organization. Regardless of the terms of departure, an ex-staffer has the potential when they leave or change roles to impact a wide range of non-human identities, digital credentials, and other secrets. Those secrets include the credentials

React to this headline:

Loading spinner

The NHI management challenge: When employees leave Read More »

Investing in Privacy by Design for long-term compliance

awareness, cybersecurity, Don't miss, Features, framework, Hot stuff, Microblink, News, opinion, Privacy, regulation /

Investing in Privacy by Design for long-term compliance 2024-10-10 at 07:31 By Mirko Zorz In this Help Net Security interview, Bojan Belušić, Head of Information Security & IT Operations at Microblink, discusses the relationship between Privacy by Design and regulatory frameworks like GDPR. Integrating privacy principles from the outset of product and process development ensures

React to this headline:

Loading spinner

Investing in Privacy by Design for long-term compliance Read More »

Scroll to Top