Stealthy backdoor found hiding in SOHO devices running Linux 2025-06-23 at 11:02 By Mirko Zorz SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader shift in how China-Nexus threat actors are using Operational Relay Box (ORB) networks to […]
Stealthy backdoor found hiding in SOHO devices running Linux Read More »
Review: Redefining Hacking 2025-06-23 at 09:06 By Mirko Zorz Redefining Hacking takes a look at how red teaming and bug bounty hunting are changing, especially now that AI is becoming a bigger part of the job. About the authors Omar Santos is a Distinguished Engineer at Cisco focusing on AI security, research, incident response, and
Review: Redefining Hacking Read More »
How CISOs can justify security investments in financial terms 2025-06-23 at 09:06 By Mirko Zorz In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through different lenses. He also shows how framing cyber risk in business terms can strengthen investment cases and
How CISOs can justify security investments in financial terms Read More »
Quantum risk is already changing cybersecurity 2025-06-23 at 08:18 By Mirko Zorz A new report from the Cyber Threat Alliance warns that the era of quantum risk is already underway, and security teams need to stop treating it like a problem for tomorrow. The report, Approaching Quantum Dawn: Closing the Cybersecurity Readiness Gap Before It’s
Quantum risk is already changing cybersecurity Read More »
71% of new hires click on phishing emails within 3 months 2025-06-23 at 07:35 By Anamarija Pogorelec New hires are more likely to fall for phishing attacks and social engineering than longer-term employees, especially in their first 90 days, according to Keepnet. Why new hires are easy targets for phishing attacks Based on data from
71% of new hires click on phishing emails within 3 months Read More »
Medical device cyberattacks push hospitals into crisis mode 2025-06-23 at 07:14 By Help Net Security 22% of healthcare organizations have experienced cyberattacks that directly impacted medical devices, according to RunSafe Security. Three-quarters of these incidents disrupted patient care, including 24% that required patient transfers to other facilities. The survey reveals that healthcare cybersecurity has evolved
Medical device cyberattacks push hospitals into crisis mode Read More »
Week in review: Keyloggers found on Outlook login pages, police shut down dark web drug market 2025-06-22 at 09:33 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers unearth keyloggers on Outlook login pages Unknown threat actors have compromised internet-accessible Microsoft Exchange Servers of
Exposed and Exploited: Trustwave Uncovers the Alarming Cyber Risks Lurking in the Tech Sector 2025-06-20 at 16:02 By Uncover the top cyber threats targeting the technology industry in 2025. Gain exclusive insights from Trustwave SpiderLabs into emerging ransomware trends, attacker tactics, and dark web-fueled supply chain threats. Explore how AI is both a threat and
Microsoft boosts default security of Windows 365 Cloud PCs 2025-06-20 at 15:05 By Zeljka Zorz Windows 365 Cloud PCs now come with new default settings aimed at preventing / minimizing data exfiltration and malicious exploits, Microsoft has announced. Windows 365 Cloud PCs are Azure (i.e., Windows 365 service)-hosted virtual Windows PCs the company offers as
Microsoft boosts default security of Windows 365 Cloud PCs Read More »
DuckDuckGo’s Scam Blocker now blocks more types of scams 2025-06-20 at 12:24 By Sinisa Markovic Online scams are getting worse and more varied. DuckDuckGo knows that, so they’ve made changes. Their built-in Scam Blocker now stops more kinds of scam sites, all without tracking you. How Scam Blocker works (Source: DuckDuckGo) “If you accidentally click
DuckDuckGo’s Scam Blocker now blocks more types of scams Read More »
Amazon Linux 2023 achieves FIPS 140-3 validation 2025-06-20 at 10:52 By Help Net Security Amazon Linux 2023 (AL2023) has earned FIPS 140-3 Level 1 validation for several of its cryptographic modules. This means it’s now approved for use in systems that need to meet U.S. and Canadian government standards for encryption. FIPS (Federal Information Processing
Amazon Linux 2023 achieves FIPS 140-3 validation Read More »
Strategies to secure long-life IoT devices 2025-06-20 at 09:07 By Mirko Zorz In this Help Net Security interview, Rob ter Linden, CISO at Signify, discusses priorities for CISOs working on IoT security, including the need for compliant infrastructure, easy device management, and preparing for future tech like quantum computing and AI. He also covers challenges
Strategies to secure long-life IoT devices Read More »
CISOs flag gaps in GenAI strategy, skills, and infrastructure 2025-06-20 at 08:32 By Help Net Security 95% of C-suite leaders say that GenAI is driving a new level of innovation in their organizations, according to NTT DATA. While CEOs and business leaders are committed to GenAI adoption, CISOs and operational leaders lack the necessary guidance,
CISOs flag gaps in GenAI strategy, skills, and infrastructure Read More »
Who’s guarding the AI? Even security teams are bypassing oversight 2025-06-20 at 08:07 By Help Net Security Even security teams, the ones responsible for protecting the business, are adding to AI-related risk. A new survey by AI security company Mindgard, based on responses from over 500 cybersecurity professionals at RSAC 2025 Conference and Infosecurity Europe
Who’s guarding the AI? Even security teams are bypassing oversight Read More »
AI Index 2025: What’s changing and why it matters 2025-06-20 at 07:39 By Sinisa Markovic Stanford recently released its AI Index 2025, and it’s packed with insights on how AI is changing. For CISOs, it’s a solid check-in on where things stand. It covers what the tech can do now, how governments are responding, and
AI Index 2025: What’s changing and why it matters Read More »
New infosec products of the week: June 20, 2025 2025-06-20 at 07:01 By Sinisa Markovic Here’s a look at the most interesting products from the past week, featuring releases from BigID, Dashlane, Sumsub, and Jumio. Dashlane’s AI model alerts businesses to phishing risks In contrast to rule-based filters or reliance on a threat intel database,
New infosec products of the week: June 20, 2025 Read More »
Unleash the Tiger: Fast, Smart, and Targeted Cybersecurity Testing from Trustwave SpiderLabs 2025-06-19 at 21:54 By Learn all about Trustwave SpiderLabs’ new Tiger Team Testing. Get rapid, targeted, and cost-effective security assessments. Discover how Tiger Teams differ from traditional red and purple teams. Learn about their focused approach for faster, more efficient vulnerability detection. Identify
Why AI code assistants need a security reality check 2025-06-19 at 09:02 By Mirko Zorz In this Help Net Security interview, Silviu Asandei, Security Specialist and Security Governance at Sonar, discusses how AI code assistants are transforming development workflows and impacting security. He explains how these tools can boost productivity but may also propagate vulnerabilities
Why AI code assistants need a security reality check Read More »
GPS tracker detection made easy with off-the-shelf hardware 2025-06-19 at 08:33 By Mirko Zorz Cyberstalkers are increasingly turning to cheap GPS trackers to secretly monitor people in real time. These devices, which often cost less than $30 and run on 4G LTE networks, are small, easy to hide under a bumper or in a glovebox,
GPS tracker detection made easy with off-the-shelf hardware Read More »
Thieves don’t need your car keys, just a wireless signal 2025-06-19 at 08:01 By Sinisa Markovic A recent study by researchers at the University of Padova reveals that despite the rise in car thefts involving Remote Keyless Entry (RKE) systems, the auto industry has made little progress in strengthening security. Since RKE’s introduction in the
Thieves don’t need your car keys, just a wireless signal Read More »