News

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Database Protection, News, Reports, Security Research, Threat Intelligence /

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need […]

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures Read More »

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

0-day, APT, Chrome, Don't miss, exploit, Hot stuff, Kaspersky, News, Windows /

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) 2025-03-26 at 13:08 By Zeljka Zorz Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) Read More »

A CISO’s guide to securing AI models

access control, Artificial Intelligence, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, opinion, Protect AI /

A CISO’s guide to securing AI models 2025-03-26 at 08:05 By Help Net Security In AI applications, machine learning (ML) models are the core decision-making engines that drive predictions, recommendations, and autonomous actions. Unlike traditional IT applications, which rely on predefined rules and static algorithms, ML models are dynamic—they develop their own internal patterns and

A CISO’s guide to securing AI models Read More »

Malwoverview: First response tool for threat hunting

Don't miss, GitHub, News, open source, software /

Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables

Malwoverview: First response tool for threat hunting Read More »

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise

data breach, DFIR, News /

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise 2025-03-25 at 23:49 By On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had suffered a data breach. According to published reports, the attacker claimed that 6 million customer records were exfiltrated from Oracle’s SSO and LDAP systems. This article is an excerpt

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise Read More »

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

AWS, containers, Don't miss, Google, Hot stuff, Kubernetes, News, vulnerability, Wiz /

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover 2025-03-25 at 18:54 By Zeljka Zorz Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover Read More »

Review: The Developer’s Playbook for Large Language Model Security

Artificial Intelligence, books, cybersecurity, Don't miss, Exabeam, Hot stuff, News, Reviews, strategy, tips /

Review: The Developer’s Playbook for Large Language Model Security 2025-03-25 at 18:06 By Mirko Zorz With the adoption of large language models (LLMs) across industries, security teams often play catch-up. Many organizations are integrating GenAI into customer interactions, software development, and enterprise decision-making, often without grasping the security implications. As LLMs are becoming integral to

Review: The Developer’s Playbook for Large Language Model Security Read More »

Microsoft’s new AI agents take on phishing, patching, alert fatigue

Artificial Intelligence, Aviatrix, BlueVoyant, cybersecurity, Don't miss, Fletch, Microsoft, News, OneTrust, Tanium /

Microsoft’s new AI agents take on phishing, patching, alert fatigue 2025-03-25 at 18:06 By Mirko Zorz Microsoft is rolling out a new generation of AI agents in Security Copilot, built to help with some of the most time-consuming security challenges, such as phishing, data protection, and identity management. Phishing is still one of the most

Microsoft’s new AI agents take on phishing, patching, alert fatigue Read More »

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses

CISO, cybersecurity, Cynomi, Don't miss, Hot stuff, News /

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses 2025-03-25 at 16:13 By Help Net Security By now, it’s no secret—cyber threats are on the rise, and the need for strong cybersecurity is greater than ever. Globally small and medium-sized businesses (SMBs) are prime targets for cyberattacks, yet many can’t afford a full-time Chief

The vCISO Academy: Transforming MSPs and MSSPs into cybersecurity powerhouses Read More »

Trustwave MailMarshal’s Secure Email Gateway Protects Against Phishing/Ransomware Attacks

data breach, email security, Emerging Threats, News /

Trustwave MailMarshal’s Secure Email Gateway Protects Against Phishing/Ransomware Attacks 2025-03-25 at 15:28 By Combat Medusa Ransomware: Learn how Trustwave MailMarshal’s secure email gateway effectively blocks phishing attacks, the primary entry point for this dangerous threat. Strengthen Your Email Security: Discover the layered protection and advanced threat detection capabilities of our managed email security services, and prevent costly data breaches.

Trustwave MailMarshal’s Secure Email Gateway Protects Against Phishing/Ransomware Attacks Read More »

Spring clean your security data: The case for cybersecurity data hygiene

Auguria, cyber hygiene, cybersecurity, data management, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, SIEM, SOC, strategy /

Spring clean your security data: The case for cybersecurity data hygiene 2025-03-25 at 08:41 By Help Net Security Spring cleaning isn’t just for your closets; security teams should take the same approach to their security operations data, where years of unchecked log growth have created a bloated, inefficient and costly mess. The modern Security Operations

Spring clean your security data: The case for cybersecurity data hygiene Read More »

OT systems are strategic targets in global power struggles

cyberattacks, cybercrime, cybersecurity, News, Ransomware, Waterfall Security Solutions /

OT systems are strategic targets in global power struggles 2025-03-25 at 08:06 By Help Net Security Compared to 2023, 2024 saw a smaller increase in cyberattacks that caused physical consequences on OT organizations, according to Waterfall Security. Nevertheless, there were sharp jumps in the number of sites affected by the hacks, as well as in

OT systems are strategic targets in global power struggles Read More »

How AI agents could undermine computing infrastructure security

Artificial Intelligence, cybersecurity, Don't miss, Hot stuff, News, opinion, Teleport, threats, Video /

How AI agents could undermine computing infrastructure security 2025-03-25 at 07:34 By Help Net Security In this Help Net Security video, Ev Kontsevoy, CEO at Teleport, explores the risks AI agents pose to computing infrastructure, particularly when exposed to social engineering attacks. Unlike traditional software, AI agents aren’t fully deterministic, making them more vulnerable to

How AI agents could undermine computing infrastructure security Read More »

Cybersecurity jobs available right now: March 25, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: March 25, 2025 2025-03-25 at 07:03 By Anamarija Pogorelec Analyst – Cyber Threat Intelligence Adecco | UAE | On-site – View job details As an Analyst – Cyber Threat Intelligence, you will conduct threat hunting missions across multi-cloud environments and perform cyber forensics to analyze security incidents. You will also

Cybersecurity jobs available right now: March 25, 2025 Read More »

Protecting your personal information from data brokers

cybersecurity, data, data security, Don't miss, how-to, News, regulation, strategy, tips /

Protecting your personal information from data brokers 2025-03-24 at 18:01 By Help Net Security How aware are you that your personal information could be bought and sold without your consent—and that there are companies whose entire business model revolves around this? So, these companies, called data brokers, collect everything they can about you – where

Protecting your personal information from data brokers Read More »

Report: Fortune 500 employee-linked account exposure

Don't miss, Enzoic, News, Whitepapers and webinars /

Report: Fortune 500 employee-linked account exposure 2025-03-24 at 16:01 By Help Net Security A backbone of our economy, Fortune 500 companies employ more than 31 million people worldwide. According to data analyzed by the Enzoic research team, over the past three years of 2022, 2023, and 2024, more than three million employee-linked accounts became newly

Report: Fortune 500 employee-linked account exposure Read More »

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Cloudflare, Don't miss, framework, Hot stuff, News, Next.js, open source, PoC, ProjectDiscovery, vulnerability, web application security, web development /

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 2025-03-24 at 15:17 By Zeljka Zorz A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel).

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) Read More »

How AI, corruption and digital tools fuel Europe’s criminal underworld

cybercrime, Don't miss, EU, Europe, Europol, law enforcement, News, report /

How AI, corruption and digital tools fuel Europe’s criminal underworld 2025-03-24 at 09:31 By Help Net Security Europol has released its 2025 report on serious and organized crime in the EU. The EU Serious and Organised Crime Threat Assessment (EU-SOCTA) is based on intelligence from EU countries and global law enforcement. The findings are stark.

How AI, corruption and digital tools fuel Europe’s criminal underworld Read More »

Enterprises walk a tightrope between AI innovation and security

Artificial Intelligence, ChatGPT, cybercrime, cybersecurity, News, report, survey, Zscaler /

Enterprises walk a tightrope between AI innovation and security 2025-03-24 at 08:02 By Help Net Security AI/ML tool usage surged globally in 2024, with enterprises integrating AI into operations and employees embedding it in daily workflows, according to Zscaler. The report reveals a 3,000+% year-over-year growth in enterprise use of AI/ML tools, highlighting the rapid

Enterprises walk a tightrope between AI innovation and security Read More »

Scroll to Top