Hot stuff

Why multi-cloud security needs a fresh approach to stay resilient

CISO, cloud security, Don't miss, Hot stuff, News, strategy, tips /

Why multi-cloud security needs a fresh approach to stay resilient 2025-03-05 at 07:41 By Mirko Zorz As enterprises expand their multi-cloud strategies to drive agility and scalability, CISOs must prioritize cyber resilience across diverse cloud platforms. The complexities of securing multi-cloud environments demand innovative solutions to maintain a strong security posture. “Many organizations in regulated […]

React to this headline:

Loading spinner

Why multi-cloud security needs a fresh approach to stay resilient Read More »

Scammers take over social media

Artificial Intelligence, cybercriminals, cybersecurity, Don't miss, Gen Digital, Hot stuff, scams, social media, Video /

Scammers take over social media 2025-03-05 at 07:02 By Help Net Security In Q4 2024, cyber threats reached unprecedented levels, with 2.55 billion attacks blocked, equating to 321 threats every second. In this Help Net Security video, Luis Corrons, Security Evangelist at Gen, discusses a new Gen report that highlights a troubling trend: social media

React to this headline:

Loading spinner

Scammers take over social media Read More »

Prioritizing data and identity security in 2025

Artificial Intelligence, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, identity protection, News, opinion /

Prioritizing data and identity security in 2025 2025-03-04 at 17:02 By Help Net Security To say that the cybersecurity landscape has grown more complex over the past several years would be a dramatic understatement. Attackers have more resources at their fingertips than ever, and data breaches have become almost a daily occurrence. For both businesses

React to this headline:

Loading spinner

Prioritizing data and identity security in 2025 Read More »

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation

Citizens, cyber resilience, cybersecurity, Don't miss, Features, financial industry, framework, Hot stuff, News, opinion, security controls, strategy /

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation 2025-03-04 at 09:23 By Mirko Zorz In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to frameworks like NIST is essential for continuous improvement and that data protection

React to this headline:

Loading spinner

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation Read More »

CISO vs. CIO: Where security and IT leadership clash (and how to fix it)

CISO, CXO, cybersecurity, Don't miss, Hot stuff, LogicGate, News, opinion, security ROI, strategy, tips /

CISO vs. CIO: Where security and IT leadership clash (and how to fix it) 2025-03-04 at 08:01 By Mirko Zorz The dynamic between CISOs and CIOs has always been complex. While both roles are essential to an organization’s success, their priorities often put them at odds. The CIO focuses on IT efficiency, innovation, and business

React to this headline:

Loading spinner

CISO vs. CIO: Where security and IT leadership clash (and how to fix it) Read More »

Innovation vs. security: Managing shadow AI risks

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, Hot stuff, strategy, Tanium, tips, Video /

Innovation vs. security: Managing shadow AI risks 2025-03-03 at 18:02 By Help Net Security In this Help Net Security video, Tim Morris, Chief Security Advisor at Tanium, shares practical best practices to help organizations balance innovation and security while leveraging AI. Morris warns of an even riskier shadow AI trend in which departments, unsatisfied with

React to this headline:

Loading spinner

Innovation vs. security: Managing shadow AI risks Read More »

Review: The Chief AI Officer’s Handbook

Artificial Intelligence, books, Don't miss, Hot stuff, News, Review, Reviews, skill development, strategy, tips /

Review: The Chief AI Officer’s Handbook 2025-03-03 at 07:33 By Mirko Zorz The Chief AI Officer’s Handbook is a comprehensive resource for professionals navigating AI implementation and strategy. It is particularly valuable for Chief AI Officers (CAIOs), offering guidance on defining their role and executing AI-driven business strategies. About the author Jarrod Anderson, SYRV’s Chief

React to this headline:

Loading spinner

Review: The Chief AI Officer’s Handbook Read More »

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)

CVE, Don't miss, Hot stuff, MITRE, News, open source, PoC, red team, training /

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the

React to this headline:

Loading spinner

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »

OSPS Baseline: Practical security best practices for open source software projects

cyber resilience, Don't miss, guide, Hot stuff, News, open source, OpenSSF, software development /

OSPS Baseline: Practical security best practices for open source software projects 2025-02-28 at 14:49 By Help Net Security The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the

React to this headline:

Loading spinner

OSPS Baseline: Practical security best practices for open source software projects Read More »

Understanding the AI Act and its compliance challenges

Artificial Intelligence, Compliance, cybersecurity, Don't miss, EU, Features, GDPR, Hot stuff, Hunton Andrews Kurth, legislation, News, opinion, regulation, strategy /

Understanding the AI Act and its compliance challenges 2025-02-28 at 08:03 By Mirko Zorz In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing GDPR frameworks while addressing new obligations such as conformity assessments and transparency requirements. Dumont

React to this headline:

Loading spinner

Understanding the AI Act and its compliance challenges Read More »

The art of balancing data security with business goals

cybersecurity, data security, Don't miss, Gartner, Hot stuff, Risk Management, Video /

The art of balancing data security with business goals 2025-02-28 at 07:32 By Help Net Security In this Help Net Security video, Nathan Parks, Senior Research Specialist at Gartner, discusses their recent research, revealing that only 14% of security leaders effectively balance data security with business goals. 35% of leaders are focused on securing data,

React to this headline:

Loading spinner

The art of balancing data security with business goals Read More »

2024 phishing trends tell us what to expect in 2025

Don't miss, enterprise, Hot stuff, Kroll, News, phishing, Prodaft, SMBs, social engineering /

2024 phishing trends tell us what to expect in 2025 2025-02-27 at 14:18 By Zeljka Zorz Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been

React to this headline:

Loading spinner

2024 phishing trends tell us what to expect in 2025 Read More »

Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363)

aerospace, Don't miss, Hot stuff, manufacturing sector, News, product development, Siemens, transportation, vulnerability /

Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) 2025-02-27 at 11:32 By Zeljka Zorz A high-severity vulnerability (CVE-2025-23363) in the Siemens Teamcenter product lifecycle management (PLM) software could allow an attacker to steal users’ valid session data and gain unauthorized access to the vulnerable application. About CVE-2025-23363 Siemens Teamcenter is a suite of applications that

React to this headline:

Loading spinner

Siemens Teamcenter vulnerability could allow account takeover (CVE-2025-23363) Read More »

Debunking 5 myths about network automation

automation, BackBox, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, network, News, opinion /

Debunking 5 myths about network automation 2025-02-27 at 06:02 By Help Net Security Imagine you’re a network engineer at an enterprise. You already have your hands full with IT priorities, including managing bandwidth related to working from home, the company’s new data center, and, more recently, computing needs to support AI adoption. Additionally, the security

React to this headline:

Loading spinner

Debunking 5 myths about network automation Read More »

Is your email or password among the 240+ million compromised by infostealers?

credentials, Don't miss, Hot stuff, Malware, News, passwords /

Is your email or password among the 240+ million compromised by infostealers? 2025-02-26 at 18:00 By Zeljka Zorz For the second time since the start of 2025, a huge number of login credentials extracted from infostealer logs has been added to the database powering the HaveIBeenPwned (HIBP) site and breach notification service. In January 2025,

React to this headline:

Loading spinner

Is your email or password among the 240+ million compromised by infostealers? Read More »

Hundreds of GitHub repos served up malware for years

Don't miss, GitHub, Hot stuff, Kaspersky, Malware, News /

Hundreds of GitHub repos served up malware for years 2025-02-26 at 13:13 By Zeljka Zorz Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind

React to this headline:

Loading spinner

Hundreds of GitHub repos served up malware for years Read More »

The compliance illusion: Why your company might be at risk despite passing audits

auditing, CISO, Compliance, CXO, cybersecurity, Don't miss, Fortra, Hot stuff, how-to, ISO 27001, News, NIST, PCI DSS, regulation, strategy, tips /

The compliance illusion: Why your company might be at risk despite passing audits 2025-02-26 at 08:20 By Mirko Zorz For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity.

React to this headline:

Loading spinner

The compliance illusion: Why your company might be at risk despite passing audits Read More »

How enterprise leaders can secure and govern agentic AI

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, IBM, Video /

How enterprise leaders can secure and govern agentic AI 2025-02-26 at 08:20 By Help Net Security In this Help Net Security video, Nataraj Nagaratnam, an IBM Fellow and CTO for Cloud Security, discusses enterprises’ steps to lay a secure foundation for agentic AI deployments. Recent research from IBM and Morning Consult shows that 99% of

React to this headline:

Loading spinner

How enterprise leaders can secure and govern agentic AI Read More »

Background check, drug testing provider DISA suffers data breach

data breach, Don't miss, Hot stuff, News, USA /

Background check, drug testing provider DISA suffers data breach 2025-02-25 at 20:06 By Zeljka Zorz DISA Global Solutions, a Texas-based company that provides employment screening services (including drug and alcohol testing and background checks) for over 55,000 organizations, has suffered a cyber incident that led to a data breach, which resulted in the potential compromise

React to this headline:

Loading spinner

Background check, drug testing provider DISA suffers data breach Read More »

China-based Silver Fox spoofs healthcare app to deliver malware

APT, backdoor, China, Don't miss, Forescout, healthcare, Hot stuff, News, programming, software development /

China-based Silver Fox spoofs healthcare app to deliver malware 2025-02-25 at 18:33 By Zeljka Zorz Silver Fox, a China-based threat actor that may or may not be backed by the Chinese government, has been delivering the ValleyRAT backdoor to unsuspecting users by disguising the malware as legitimate healthcare app (the Philips DICOM viewer), a Windows

React to this headline:

Loading spinner

China-based Silver Fox spoofs healthcare app to deliver malware Read More »

Scroll to Top