News

EU launches EU-based, privacy-focused DNS resolution service

content filtering, DNS, Don't miss, ENISA, EU, Hot stuff, News, Privacy, Whalebone /

EU launches EU-based, privacy-focused DNS resolution service 2025-06-09 at 17:38 By Zeljka Zorz DNS4EU, an EU-based DNS resolution service created to strengthen European Union’s digital sovereignty, has become reality. What is DNS? The Domain Name System (DNS) “translates” human-readable domain names into IP addresses and back, and is essential for accessing websites. Most users use […]

EU launches EU-based, privacy-focused DNS resolution service Read More »

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)

CERT-PL, Don't miss, exploit, FearsOff, Hot stuff, News, PoC, Roundcube, Shadowserver, vulnerability /

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) 2025-06-09 at 15:18 By Zeljka Zorz With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there

Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) Read More »

Balancing cybersecurity and client experience for high-net-worth clients

authentication, CIO, CISO, cybersecurity, Don't miss, Features, financial industry, Hot stuff, LPL Financial, News, regulation, risk /

Balancing cybersecurity and client experience for high-net-worth clients 2025-06-09 at 09:03 By Mirko Zorz In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting digital touchpoints in wealth management. She explains why firms must embed security from the start to protect

Balancing cybersecurity and client experience for high-net-worth clients Read More »

CISOs, are you ready for cyber threats in biotech?

CISO, cybersecurity, Don't miss, Features, Hot stuff, how-to, News, strategy, tips /

CISOs, are you ready for cyber threats in biotech? 2025-06-09 at 08:35 By Mirko Zorz The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences are more complex. A compromise of genomic databases, for example, does not just expose personal

CISOs, are you ready for cyber threats in biotech? Read More »

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic

Don't miss, GitHub, News, open source, software /

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic 2025-06-09 at 08:00 By Mirko Zorz fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that might point to malware, phishing, or other threats. fiddleitm features “I created fiddleitm

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic Read More »

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques

CardinalOps, cybersecurity, framework, MITRE, MITRE ATT&CK, News, report, SIEM, SOC, survey, threat detection /

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques 2025-06-09 at 07:32 By Help Net Security Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality, but plenty of room for improvement remains, according to CardinalOps. MITRE ATT&CK enhances SOC

Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques Read More »

Employees repeatedly fall for vendor email compromise attacks

Abnormal AI, Email, email security, News, report, survey /

Employees repeatedly fall for vendor email compromise attacks 2025-06-09 at 07:02 By Help Net Security In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who had engaged with a previous attack, according to Abnormal AI. Vendor email compromise risks increase

Employees repeatedly fall for vendor email compromise attacks Read More »

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast

News, Week in review /

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast 2025-06-08 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout

Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast Read More »

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?

Android, botnet, consumer, Don't miss, FBI, Google, Hot stuff, HUMAN Security, IoT, News, smart home /

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them? 2025-06-06 at 16:09 By Zeljka Zorz Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber criminals are using the botnet to perform ad fraud and

Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them? Read More »

145 criminal domains linked to BidenCash Marketplace seized

Cryptocurrency, cybersecurity, FBI, Government, law enforcement, News, Searchlight Cyber, Shadowserver, US DoJ, USA /

145 criminal domains linked to BidenCash Marketplace seized 2025-06-06 at 13:01 By Help Net Security Approximately 145 darknet and conventional internet domains, along with cryptocurrency funds linked to the BidenCash marketplace, have been seized by the U.S. Attorney’s Office for the Eastern District of Virginia. The operators of the BidenCash marketplace use the platform to

145 criminal domains linked to BidenCash Marketplace seized Read More »

June 2025 Patch Tuesday forecast: Second time is the charm?

Adobe, apple, cybersecurity, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, security update /

June 2025 Patch Tuesday forecast: Second time is the charm? 2025-06-06 at 09:57 By Help Net Security Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of vulnerabilities addressed with 41 in both Windows 10 and 11, and their associated

June 2025 Patch Tuesday forecast: Second time is the charm? Read More »

Why IAM should be the starting point for AI-driven cybersecurity

Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, identity management, News, security metrics, Twine Security /

Why IAM should be the starting point for AI-driven cybersecurity 2025-06-06 at 09:03 By Mirko Zorz In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares

Why IAM should be the starting point for AI-driven cybersecurity Read More »

Protecting patient data starts with knowing where it’s stored

BitSight, CISO, data, data security, Don't miss, healthcare, Main Line Health, News, Smart Meter, tips /

Protecting patient data starts with knowing where it’s stored 2025-06-06 at 08:31 By Sinisa Markovic Patient data is often stored or processed outside the country where it was collected. When that happens, the data falls under the laws of the country where it resides. Depending on those laws, local governments may have legal access to

Protecting patient data starts with knowing where it’s stored Read More »

Ransomware and USB attacks are hammering OT systems

CISO, critical infrastructure, cybersecurity, Don't miss, Honeywell, ICS/SCADA, News, report /

Ransomware and USB attacks are hammering OT systems 2025-06-06 at 08:02 By Mirko Zorz Ransomware, trojans, and malware delivered through USB devices are putting growing pressure on industrial systems, according to the Honeywell 2025 Cyber Threat Report, which draws on data from monitoring tools deployed across industrial sites around the world. The findings highlight persistent

Ransomware and USB attacks are hammering OT systems Read More »

AI becomes key player in enterprise ransomware defense

Artificial Intelligence, Delinea, News, Ransomware, report, survey /

AI becomes key player in enterprise ransomware defense 2025-06-06 at 07:32 By Help Net Security Ransomware breaches continue to rise even as fewer victims pay, according to a Delinea report. 69% of organizations globally have fallen victim to ransomware, with 27% being hit more than once. While only 57% of organizations paid ransoms, down from

AI becomes key player in enterprise ransomware defense Read More »

New infosec products of the week: June 6, 2025

Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, News, Varonis /

New infosec products of the week: June 6, 2025 2025-06-06 at 07:01 By Sinisa Markovic Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and Varonis. Bitdefender unifies security, risk management, and compliance in a single platform Bitdefender announced GravityZone Compliance Manager,

New infosec products of the week: June 6, 2025 Read More »

Meta open-sources AI tool to automatically classify sensitive documents

Artificial Intelligence, cybersecurity, data loss prevention, Data Protection, Don't miss, GitHub, Hot stuff, Meta, News, open source, software /

Meta open-sources AI tool to automatically classify sensitive documents 2025-06-05 at 09:17 By Mirko Zorz Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules

Meta open-sources AI tool to automatically classify sensitive documents Read More »

The cloud security crisis no one’s talking about

ARMO, cloud security, cybersecurity, News, report, SOC, survey /

The cloud security crisis no one’s talking about 2025-06-05 at 08:33 By Help Net Security Security teams are overwhelmed by a flood of alerts, most of which lack the context needed to accurately assess and espond to threats, according to ARMO. Respondents report receiving an average of 4,080 security alerts per month – or 136

The cloud security crisis no one’s talking about Read More »

Google survey shows Americans are changing how they fight scams

Google, Morning Consult, News, report, scams, survey, USA /

Google survey shows Americans are changing how they fight scams 2025-06-05 at 08:11 By Sinisa Markovic If it seems like scams are popping up everywhere lately, you’re not wrong. A new survey from Google shows most Americans feel the same, and they’re starting to change how they handle things online because of it. But different

Google survey shows Americans are changing how they fight scams Read More »

Why SAP security updates are a struggle for large enterprises

CISO, cybersecurity, Don't miss, how-to, News, Pathlock, SAP, security update, strategy, tips, Video /

Why SAP security updates are a struggle for large enterprises 2025-06-05 at 07:33 By Help Net Security In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why

Why SAP security updates are a struggle for large enterprises Read More »

Scroll to Top