News

This is the year CISOs unlock AI’s full potential

Artificial Intelligence, Balbix, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, generative AI, Hot stuff, News, opinion /

This is the year CISOs unlock AI’s full potential 2025-01-14 at 07:31 By Help Net Security In 2025, CISOs will have powerful new capabilities as generative artificial intelligence (GenAI) continues to mature. Evolving beyond providing answers to questions, GenAI will provide proactive recommendations, take action, and communicate in a personalized manner. This transition will enable […]

React to this headline:

Loading spinner

This is the year CISOs unlock AI’s full potential Read More »

How AI and ML are transforming digital banking security

Artificial Intelligence, authentication, cybersecurity, Don't miss, Features, financial industry, Hot stuff, machine learning, News, opinion, passwordless, Solaris, strategy /

How AI and ML are transforming digital banking security 2025-01-14 at 07:04 By Mirko Zorz In this Help Net Security interview, Nuno Martins da Silveira Teodoro, VP of Group Cybersecurity at Solaris, discusses the latest advancements in digital banking security. He talks about how AI and ML are reshaping fraud detection, the growing trend of

React to this headline:

Loading spinner

How AI and ML are transforming digital banking security Read More »

Cybersecurity jobs available right now: January 14, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: January 14, 2025 2025-01-14 at 06:34 By Anamarija Pogorelec Application Security Engineer ENOC | UAE | On-site – View job details As an Application Security Engineer, you will establish and maintain DLP policies to prevent unauthorized access, transmission, or disclosure of sensitive data, focusing on both on-premises and cloud environments.

React to this headline:

Loading spinner

Cybersecurity jobs available right now: January 14, 2025 Read More »

What 2024 taught us about security vulnerabilties

BitSight, Black Duck, Checkmarx, CISA, cybersecurity, FBI, Fortinet, NCSC, News, NSA, report, Skybox Security, survey, Tenable, Veracode, vulnerability /

What 2024 taught us about security vulnerabilties 2025-01-14 at 06:03 By Help Net Security From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical gaps in organizational defenses. This roundup showcases the standout findings from 2024’s cybersecurity reports, highlighting critical risks and

React to this headline:

Loading spinner

What 2024 taught us about security vulnerabilties Read More »

UK domain registry Nominet breached via Ivanti zero-day

0-day, CISA, Don't miss, Hot stuff, Ivanti, Mandiant, News, Nominet, Shadowserver, WatchTowr /

UK domain registry Nominet breached via Ivanti zero-day 2025-01-13 at 22:17 By Zeljka Zorz The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In the meantime, UK domain registry Nominet became the first publicly known

React to this headline:

Loading spinner

UK domain registry Nominet breached via Ivanti zero-day Read More »

Attackers are encrypting AWS S3 data without using ransomware

AWS, cloud storage, Don't miss, enterprise, extortion, Halcyon, Hot stuff, News, Ransomware /

Attackers are encrypting AWS S3 data without using ransomware 2025-01-13 at 19:03 By Zeljka Zorz A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided keys (SSE-C), and asking for money to hand over the key they used. They do not exfiltrate the

React to this headline:

Loading spinner

Attackers are encrypting AWS S3 data without using ransomware Read More »

EU law enforcement training agency data breach: Data of 97,000 individuals compromised

data breach, Don't miss, EU, EU CEPOL, Hot stuff, law enforcement, News /

EU law enforcement training agency data breach: Data of 97,000 individuals compromised 2025-01-13 at 16:35 By Zeljka Zorz Personal data of nearly 100,000 individuals that have participated in trainings organized by CEPOL, the European Union (EU) Agency for Law Enforcement Training, has potentially been compromised due to the cyberattack suffered by the agency in May

React to this headline:

Loading spinner

EU law enforcement training agency data breach: Data of 97,000 individuals compromised Read More »

Alleged Blender, Sinbad cryptomixer operators arrested, indicted

arrest, Cryptocurrency, cybercrime, News, Ransomware, US DoJ /

Alleged Blender, Sinbad cryptomixer operators arrested, indicted 2025-01-13 at 13:34 By Help Net Security Three Russian nationals have been indicted in the Northern District of Georgia for their alleged role as operators of cryptocurrency mixing (cryptomixer) services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on Dec. 1, 2024, roughly a

React to this headline:

Loading spinner

Alleged Blender, Sinbad cryptomixer operators arrested, indicted Read More »

GitHub CISO on security strategy and collaborating with the open-source community

CISO, cybersecurity, Don't miss, Features, GitHub, Hot stuff, News, open source, opinion, software development, strategy, tips /

GitHub CISO on security strategy and collaborating with the open-source community 2025-01-13 at 07:06 By Mirko Zorz In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and repositories, ensuring it remains a trustworthy platform for building secure software.

React to this headline:

Loading spinner

GitHub CISO on security strategy and collaborating with the open-source community Read More »

Chainsaw: Open-source tool for hunting through Windows forensic artefacts

Don't miss, GitHub, News, open source, software, Windows, WithSecure /

Chainsaw: Open-source tool for hunting through Windows forensic artefacts 2025-01-13 at 06:34 By Help Net Security Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword searches through event logs and identifies threats using built-in Sigma detection and custom detection

React to this headline:

Loading spinner

Chainsaw: Open-source tool for hunting through Windows forensic artefacts Read More »

Time for a change: Elevating developers’ security skills

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, skill development, software development, Symbiotic Security, vulnerability management /

Time for a change: Elevating developers’ security skills 2025-01-13 at 06:07 By Help Net Security Organizations don’t know their software engineers’ security skills because they don’t assess them in the interview process. Trying to do that in an interview is challenging, of course, given the time it takes for a proper assessment. However, given the

React to this headline:

Loading spinner

Time for a change: Elevating developers’ security skills Read More »

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast

News, Week in review /

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast 2025-01-12 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways,

React to this headline:

Loading spinner

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast Read More »

Job-seeking devs targeted with fake CrowdStrike offer via email

CrowdStrike, cryptojacking, cybersecurity jobs, Don't miss, Hot stuff, News, scams, Windows /

Job-seeking devs targeted with fake CrowdStrike offer via email 2025-01-10 at 14:33 By Zeljka Zorz Cryptojackers are impersonating Crowdstrike via email to get developers to unwittingly install the XMRig cryptocurrency miner on their Windows PC, the company has warned. The email Crowdstrike has a web page where job hunters can see which positions are open

React to this headline:

Loading spinner

Job-seeking devs targeted with fake CrowdStrike offer via email Read More »

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance

Adobe, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, Windows /

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance 2025-01-10 at 09:45 By Help Net Security Welcome to 2025 and a new year of patch excitement! In my December article, I talked about Microsoft’s Secure Future Initiative (SFI) and how it manifested in many of the Microsoft products released in 2024. While this security

React to this headline:

Loading spinner

January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Read More »

The SBI fake banking app shows that SMS authentication has had its day

authentication, cybercrime, cybersecurity, Don't miss, Expert analysis, Expert corner, financial industry, fraud, Hot stuff, IBS Software, News, opinion /

The SBI fake banking app shows that SMS authentication has had its day 2025-01-10 at 07:01 By Help Net Security As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive security. In collaboration with the Kerala

React to this headline:

Loading spinner

The SBI fake banking app shows that SMS authentication has had its day Read More »

Preventing the next ransomware attack with help from AI

Artificial Intelligence, BlackFog, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Ransomware, security awareness, strategy, tips /

Preventing the next ransomware attack with help from AI 2025-01-10 at 07:01 By Mirko Zorz In this Help Net Security interview, Dr. Darren Williams, CEO at BlackFog, talks about how employee training plays a crucial role in preventing ransomware attacks. He points out that human error is often the biggest security risk and explains how

React to this headline:

Loading spinner

Preventing the next ransomware attack with help from AI Read More »

New infosec products of the week: January 10, 2025

BioConnect, Bitdefender, BreachLock, McAfee, Netgear, News, Swimlane /

New infosec products of the week: January 10, 2025 2025-01-10 at 06:08 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from BioConnect, BreachLock, McAfee, Netgear, and Swimlane. NETGEAR Armor, powered by Bitdefender, protects home networks against cyber threats Armor is a security and privacy solution

React to this headline:

Loading spinner

New infosec products of the week: January 10, 2025 Read More »

Banshee Stealer variant targets Russian-speaking macOS users

Check Point, Don't miss, Hot stuff, macOS, Malware, News /

Banshee Stealer variant targets Russian-speaking macOS users 2025-01-09 at 19:48 By Zeljka Zorz The Banshee Stealer is a stealthy threat to the rising number of macOS users around the world, including those in Russian-speaking countries, according to Check Point researcher Antonis Terefos. Banshee Stealer was first publicly profiled in August 2024, a month after its

React to this headline:

Loading spinner

Banshee Stealer variant targets Russian-speaking macOS users Read More »

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)

0-day, Don't miss, enterprise, Hot stuff, Ivanti, Mandiant, News, VPN /

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) 2025-01-09 at 14:23 By Zeljka Zorz The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s still impossible to say whether they were mounted by a single threat actor, but the

React to this headline:

Loading spinner

Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282) Read More »

Wireshark 4.4.3 released: Updated protocol support, bug fixes

News, open source, software, Wireshark /

Wireshark 4.4.3 released: Updated protocol support, bug fixes 2025-01-09 at 11:07 By Help Net Security Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and display filters. With multi-platform support, VoIP analysis, and capture file compatibility, it’s perfect for professionals seeking intuitive

React to this headline:

Loading spinner

Wireshark 4.4.3 released: Updated protocol support, bug fixes Read More »

Scroll to Top