News

The CISO’s bookshelf: 10 must-reads for security leaders

books, CISO, Don't miss, Hot stuff, News, skill development, strategy, tips /

The CISO’s bookshelf: 10 must-reads for security leaders 2025-03-06 at 07:56 By Help Net Security Discover essential reads for CISOs in this curated list of books covering cybersecurity leadership, risk management, zero trust, board communication, and more. Why CISOs Fail, 2nd Edition Author: Barak Engel Barak Engel expands on the ideas from his original 2017 […]

React to this headline:

Loading spinner

The CISO’s bookshelf: 10 must-reads for security leaders Read More »

89% of enterprise AI usage is invisible to the organization

Artificial Intelligence, cybersecurity, data security, generative AI, LayerX, News, report, survey /

89% of enterprise AI usage is invisible to the organization 2025-03-06 at 07:04 By Help Net Security Organizations have zero visibility into 89% of AI usage, despite security policies according to a LayerX report. 71% of connections to GenAI tools are done using personal non-corporate accounts. Among logins using corporate accounts, 58% of connections are

React to this headline:

Loading spinner

89% of enterprise AI usage is invisible to the organization Read More »

The 5 stages of incident response grief

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, LogicGate, News, opinion /

The 5 stages of incident response grief 2025-03-05 at 18:03 By Help Net Security Whether we recognize it or not, anytime an incident occurs, it sets off the grieving process. But grief isn’t a bad thing: it’s how we process our emotional reactions and move on. That’s precisely what security teams need to do in

React to this headline:

Loading spinner

The 5 stages of incident response grief Read More »

Fix Inventory: Open-source cloud asset inventory tool

asset discovery, cloud security, Don't miss, GitHub, IT assets, News, open source, software /

Fix Inventory: Open-source cloud asset inventory tool 2025-03-05 at 08:04 By Help Net Security Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure,

React to this headline:

Loading spinner

Fix Inventory: Open-source cloud asset inventory tool Read More »

Why multi-cloud security needs a fresh approach to stay resilient

CISO, cloud security, Don't miss, Hot stuff, News, strategy, tips /

Why multi-cloud security needs a fresh approach to stay resilient 2025-03-05 at 07:41 By Mirko Zorz As enterprises expand their multi-cloud strategies to drive agility and scalability, CISOs must prioritize cyber resilience across diverse cloud platforms. The complexities of securing multi-cloud environments demand innovative solutions to maintain a strong security posture. “Many organizations in regulated

React to this headline:

Loading spinner

Why multi-cloud security needs a fresh approach to stay resilient Read More »

Prioritizing data and identity security in 2025

Artificial Intelligence, cybersecurity, data security, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, identity protection, News, opinion /

Prioritizing data and identity security in 2025 2025-03-04 at 17:02 By Help Net Security To say that the cybersecurity landscape has grown more complex over the past several years would be a dramatic understatement. Attackers have more resources at their fingertips than ever, and data breaches have become almost a daily occurrence. For both businesses

React to this headline:

Loading spinner

Prioritizing data and identity security in 2025 Read More »

eBook: What does it take to be a full-fledged virtual CISO?

Cynomi, Don't miss, News, Whitepapers and webinars /

eBook: What does it take to be a full-fledged virtual CISO? 2025-03-04 at 16:00 By Help Net Security Virtual Chief Information Security Officer (vCISO) services are in high demand. Even though it is clear to all that this trend is growing, most service providers only offer a portion of overall CISO duties. Many ask themselves

React to this headline:

Loading spinner

eBook: What does it take to be a full-fledged virtual CISO? Read More »

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation

Citizens, cyber resilience, cybersecurity, Don't miss, Features, financial industry, framework, Hot stuff, News, opinion, security controls, strategy /

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation 2025-03-04 at 09:23 By Mirko Zorz In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to frameworks like NIST is essential for continuous improvement and that data protection

React to this headline:

Loading spinner

Building cyber resilience in banking: Expert insights on strategy, risk, and regulation Read More »

CISO vs. CIO: Where security and IT leadership clash (and how to fix it)

CISO, CXO, cybersecurity, Don't miss, Hot stuff, LogicGate, News, opinion, security ROI, strategy, tips /

CISO vs. CIO: Where security and IT leadership clash (and how to fix it) 2025-03-04 at 08:01 By Mirko Zorz The dynamic between CISOs and CIOs has always been complex. While both roles are essential to an organization’s success, their priorities often put them at odds. The CIO focuses on IT efficiency, innovation, and business

React to this headline:

Loading spinner

CISO vs. CIO: Where security and IT leadership clash (and how to fix it) Read More »

Cybersecurity jobs available right now: March 4, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: March 4, 2025 2025-03-04 at 07:36 By Anamarija Pogorelec Application Security Engineer Via | Israel | Hybrid – View job details As a Application Security Engineer, you will perform security assessments, including penetration testing, vulnerability scanning, and code reviews, to identify security weaknesses in applications. Define and implement application security

React to this headline:

Loading spinner

Cybersecurity jobs available right now: March 4, 2025 Read More »

Online crime-as-a-service skyrockets with 24,000 users selling attack tools

cybercrime, cybersecurity, fraud, identity, identity verification, iProov, News, report, survey /

Online crime-as-a-service skyrockets with 24,000 users selling attack tools 2025-03-03 at 19:01 By Help Net Security The growth of AI-based technology has introduced new challenges, making remote identity verification systems more vulnerable to attacks, according to iProov. Innovative and easily accessible tools have allowed threat actors to become more sophisticated overnight, powering an increasing number

React to this headline:

Loading spinner

Online crime-as-a-service skyrockets with 24,000 users selling attack tools Read More »

Commix: Open-source OS command injection exploitation tool

cybersecurity, Don't miss, GitHub, News, open source, software /

Commix: Open-source OS command injection exploitation tool 2025-03-03 at 08:08 By Help Net Security Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command injection

React to this headline:

Loading spinner

Commix: Open-source OS command injection exploitation tool Read More »

Review: The Chief AI Officer’s Handbook

Artificial Intelligence, books, Don't miss, Hot stuff, News, Review, Reviews, skill development, strategy, tips /

Review: The Chief AI Officer’s Handbook 2025-03-03 at 07:33 By Mirko Zorz The Chief AI Officer’s Handbook is a comprehensive resource for professionals navigating AI implementation and strategy. It is particularly valuable for Chief AI Officers (CAIOs), offering guidance on defining their role and executing AI-driven business strategies. About the author Jarrod Anderson, SYRV’s Chief

React to this headline:

Loading spinner

Review: The Chief AI Officer’s Handbook Read More »

How QR code attacks work and how to protect yourself

cybercrime, cybersecurity, Don't miss, fraud, how-to, News, QR codes, tips /

How QR code attacks work and how to protect yourself 2025-03-03 at 07:13 By Help Net Security QR codes have become an integral part of our everyday life due to their simplicity. While they’ve been around for many years, their use exploded during the COVID-19 pandemic, when businesses turned to them for contactless menus, payments,

React to this headline:

Loading spinner

How QR code attacks work and how to protect yourself Read More »

Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released

News, Week in review /

Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released 2025-03-02 at 11:06 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Massive botnet hits Microsoft 365 accounts A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying

React to this headline:

Loading spinner

Week in review: Botnet hits M365 accounts, PoC for Ivanti Endpoint Manager vulnerabilities released Read More »

OT/ICS cyber threats escalate as geopolitical conflicts intensify

critical infrastructure, Dragos, ICS/SCADA, News, report /

OT/ICS cyber threats escalate as geopolitical conflicts intensify 2025-02-28 at 17:03 By Help Net Security Ransomware attacks against industrial organizations surged by 87% over the past year, while new malware families designed specifically for OT environments emerged. These findings highlight a troubling trend: OT systems are increasingly becoming mainstream targets, and even sophisticated threat actors

React to this headline:

Loading spinner

OT/ICS cyber threats escalate as geopolitical conflicts intensify Read More »

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)

CVE, Don't miss, Hot stuff, MITRE, News, open source, PoC, red team, training /

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the

React to this headline:

Loading spinner

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »

OSPS Baseline: Practical security best practices for open source software projects

cyber resilience, Don't miss, guide, Hot stuff, News, open source, OpenSSF, software development /

OSPS Baseline: Practical security best practices for open source software projects 2025-02-28 at 14:49 By Help Net Security The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the

React to this headline:

Loading spinner

OSPS Baseline: Practical security best practices for open source software projects Read More »

Understanding the AI Act and its compliance challenges

Artificial Intelligence, Compliance, cybersecurity, Don't miss, EU, Features, GDPR, Hot stuff, Hunton Andrews Kurth, legislation, News, opinion, regulation, strategy /

Understanding the AI Act and its compliance challenges 2025-02-28 at 08:03 By Mirko Zorz In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing GDPR frameworks while addressing new obligations such as conformity assessments and transparency requirements. Dumont

React to this headline:

Loading spinner

Understanding the AI Act and its compliance challenges Read More »

Infosec products of the month: February 2025

1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, News, Nymi, Palo Alto Networks, Pangea, Privacera, Qualys, SafeBreach, Satori, Seal Security, Socure, Trustmi, Veeam Software /

Infosec products of the month: February 2025 2025-02-28 at 07:07 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armor, BigID, Dynatrace, Fortinet, Legit Security, Netwrix, Nymi, Palo Alto Networks, Pangea, Privacera, Qualys, SafeBreach, Satori, Seal Security, Socure, and Veeam Software. Qualys TotalAppSec enables

React to this headline:

Loading spinner

Infosec products of the month: February 2025 Read More »

Scroll to Top