News

Apple strengthens storage flexibility with new disk image formats

apple, cybersecurity, digital forensics, Encryption, News /

Apple strengthens storage flexibility with new disk image formats 2025-10-03 at 08:04 By Sinisa Markovic Apple’s release of macOS 26 Tahoe introduced a new disk image format and updated an older one, both of which are drawing attention from system testers and forensic examiners. Apple Sparse Image Format (ASIF) The Apple Sparse Image Format (ASIF) […]

React to this headline:

Loading spinner

Apple strengthens storage flexibility with new disk image formats Read More »

AI hype hits a wall when the data doesn’t deliver

Artificial Intelligence, investment, News, report, Riverbed, security ROI /

AI hype hits a wall when the data doesn’t deliver 2025-10-03 at 07:31 By Anamarija Pogorelec Companies are pouring money into AI for IT operations, but most projects are still far from maturity. A global survey of 1,200 business leaders, IT leaders, and technical specialists found that while spending and confidence are rising, only 12%

React to this headline:

Loading spinner

AI hype hits a wall when the data doesn’t deliver Read More »

New infosec products of the week: October 3, 2025

Acronis, Legit Security, News, NowSecure, Siemens, TELUS /

New infosec products of the week: October 3, 2025 2025-10-03 at 07:04 By Anamarija Pogorelec Here’s a look at the most interesting products from the past week, featuring releases from Acronis, Legit Security, NowSecure, Siemens, and Telus. NowSecure Privacy helps organizations protect mobile apps from data leaks NowSecure announced the release of NowSecure Privacy, a

React to this headline:

Loading spinner

New infosec products of the week: October 3, 2025 Read More »

Hackers claim to have plundered Red Hat’s GitHub repos

data breach, data theft, Don't miss, GitHub, Hot stuff, News, Red Hat /

Hackers claim to have plundered Red Hat’s GitHub repos 2025-10-02 at 20:00 By Zeljka Zorz The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitHub and have exfiltrated data from over 28,000 internal repositories connected to the company’s consulting

React to this headline:

Loading spinner

Hackers claim to have plundered Red Hat’s GitHub repos Read More »

OpenSSL 3.6.0: New features, crypto support

Encryption, News, open source, software /

OpenSSL 3.6.0: New features, crypto support 2025-10-02 at 17:54 By Anamarija Pogorelec The OpenSSL Project has announced the release of OpenSSL 3.6.0, a feature update that brings significant functionality improvements, standards compliance, and a few key deprecations that developers and security teams will need to keep in mind. Key cryptographic enhancements OpenSSL 3.6.0 introduces several

React to this headline:

Loading spinner

OpenSSL 3.6.0: New features, crypto support Read More »

Oracle customers targeted with emails claiming E-Business Suite breach, data theft

Atmos, Don't miss, extortion, Google Cloud, Halcyon, Hot stuff, Mandiant, News, Oracle /

Oracle customers targeted with emails claiming E-Business Suite breach, data theft 2025-10-02 at 16:19 By Zeljka Zorz Unknown attackers claiming affiliation with the Cl0p extortion gang are hitting business and IT executives at various companies with emails claiming that they have exfiltrated sensitive data from the firms’ Oracle E-Business Suite (EBS). The email campaign According

React to this headline:

Loading spinner

Oracle customers targeted with emails claiming E-Business Suite breach, data theft Read More »

ProSpy and ToSpy: New spyware families impersonating secure messaging apps

Android, cybercrime, ESET, Malware, News, Signal, spyware /

ProSpy and ToSpy: New spyware families impersonating secure messaging apps 2025-10-02 at 12:04 By Anamarija Pogorelec ESET researchers have found two Android spyware campaigns aimed at people looking for secure messaging apps such as Signal and ToTok. The attackers spread the spyware through fake websites and social engineering. Researchers identified two previously unknown spyware families.

React to this headline:

Loading spinner

ProSpy and ToSpy: New spyware families impersonating secure messaging apps Read More »

Building a mature automotive cybersecurity program beyond checklists

agentic AI, Agero, automotive security, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, security controls, security metrics, strategy /

Building a mature automotive cybersecurity program beyond checklists 2025-10-02 at 09:41 By Mirko Zorz In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to how

React to this headline:

Loading spinner

Building a mature automotive cybersecurity program beyond checklists Read More »

GPT needs to be rewired for security

Artificial Intelligence, automation, cybersecurity, Don't miss, Exaforce, Expert analysis, Expert corner, Hot stuff, LLMs, News, opinion, SOC /

GPT needs to be rewired for security 2025-10-02 at 09:18 By Help Net Security LLMs and agentic systems already shine at everyday productivity, including transcribing and summarizing meetings, extracting action items, prioritizing critical emails, and even planning travel. But in the SOC (where mistakes have real cost), today’s models stumble on work that demands high

React to this headline:

Loading spinner

GPT needs to be rewired for security Read More »

Chekov: Open-source static code analysis tool

cloud security, code analysis, cybersecurity, Don't miss, GitHub, News, open source, software /

Chekov: Open-source static code analysis tool 2025-10-02 at 09:18 By Sinisa Markovic Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition analysis (SCA) for

React to this headline:

Loading spinner

Chekov: Open-source static code analysis tool Read More »

The energy sector is ground zero for global cyber activity

critical infrastructure, cybersecurity, Don't miss, energy sector, machine learning, News, research, threats /

The energy sector is ground zero for global cyber activity 2025-10-02 at 08:27 By Sinisa Markovic A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups,

React to this headline:

Loading spinner

The energy sector is ground zero for global cyber activity Read More »

Biotech platforms keep missing the mark on security fundamentals

access control, cybersecurity, Data leak, data security, healthcare, News, report, Sekurno /

Biotech platforms keep missing the mark on security fundamentals 2025-10-02 at 08:27 By Anamarija Pogorelec A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems,

React to this headline:

Loading spinner

Biotech platforms keep missing the mark on security fundamentals Read More »

Underwriting is shifting to AI-driven, real-time decisions by 2030

agentic AI, Artificial Intelligence, CXO, cyber insurance, data collection, Experian, fraud, News, strategy /

Underwriting is shifting to AI-driven, real-time decisions by 2030 2025-10-02 at 07:45 By Anamarija Pogorelec Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new global Experian report. By 2030, credit decisions are expected to become embedded in everyday transactions, with artificial

React to this headline:

Loading spinner

Underwriting is shifting to AI-driven, real-time decisions by 2030 Read More »

North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S.

AI, Australia, Canada, Don't miss, Europe, financial industry, Germany, Government, healthcare, Hot stuff, India, Insider Threat, Japan, News, North Korea, Okta, remote working, Singapore, software development, tips, UK, USA /

North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. 2025-10-01 at 17:24 By Zeljka Zorz North Korea’s clandestine IT Worker (ITW) program, which is long known for targeting U.S. technology firms and crypto firms, has broadened its scope to attempt to infiltrate a variety of industries worldwide, including finance, healthcare, public

React to this headline:

Loading spinner

North Korea’s IT workers are targeting firms beyond tech, crypto, and the U.S. Read More »

Google Drive for desktop will spot, stop and remedy ransomware damage

cloud storage, Don't miss, Encryption, Google, Google Drive, Hot stuff, macOS, News, Ransomware, Windows /

Google Drive for desktop will spot, stop and remedy ransomware damage 2025-10-01 at 16:33 By Zeljka Zorz Google has rolled out AI-powered ransomware detection and file restoration features in Drive for desktop, Google’s official file syncing and access app for Windows and macOS. Currently in open beta, this new layer of defense is not meant

React to this headline:

Loading spinner

Google Drive for desktop will spot, stop and remedy ransomware damage Read More »

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts

0-day, Cisco, Don't miss, firewall, Government, government-backed attacks, GreyNoise, Hot stuff, News, Shadowserver /

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts 2025-10-01 at 13:36 By Zeljka Zorz Despite Cisco and various cybersecurity agencies warning about attackers actively exploting zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362) in Cisco Adaptive Security Appliances (ASA) for months, there are still around 48,000 vulnerable appliances out there. The number is provided by

React to this headline:

Loading spinner

Too many Cisco ASA firewalls still unsecure despite zero-day attack alerts Read More »

Hackers love LOTL, this approach shuts them down

Bitdefender, cyberattacks, cybersecurity, Don't miss, Hot stuff, News, Risk Management /

Hackers love LOTL, this approach shuts them down 2025-10-01 at 09:04 By Zeljka Zorz Every time cyber defenders and companies discover new ways to block intrusions, attackers change their tactics and find a way around the defenses. “Living off the Land” (LOTL) is a prime example: since many detection tools became good at flagging malware,

React to this headline:

Loading spinner

Hackers love LOTL, this approach shuts them down Read More »

A2AS framework targets prompt injection and agentic AI security risks

agentic AI, Artificial Intelligence, CISO, cybersecurity, Don't miss, framework, LLMs, News /

A2AS framework targets prompt injection and agentic AI security risks 2025-10-01 at 08:31 By Mirko Zorz AI systems are now deeply embedded in business operations, and this introduces new security risks that traditional controls are not built to handle. The newly released A2AS framework is designed to protect AI agents at runtime and prevent real-world

React to this headline:

Loading spinner

A2AS framework targets prompt injection and agentic AI security risks Read More »

Biometric spoofing isn’t as complex as it sounds

biometrics, cybersecurity, Group-IB, iProov, News, Ping Identity, Solaris, spoofing /

Biometric spoofing isn’t as complex as it sounds 2025-10-01 at 08:04 By Sinisa Markovic Biometric technologies were originally designed to improve security and streamline authentication, but they’re often misused in ways most people don’t notice. Like any system, biometrics has weaknesses that attackers can exploit. Biometric spoofing isn’t as complex as it sounds. It’s basically

React to this headline:

Loading spinner

Biometric spoofing isn’t as complex as it sounds Read More »

How to stop a single vendor breach from taking down your business

CISO, cyber risk, cybersecurity, Don't miss, Hot stuff, Intel 471, News, Risk Management, strategy, third party compromise, tips, Video /

How to stop a single vendor breach from taking down your business 2025-10-01 at 07:38 By Help Net Security In this Help Net Security video, William Dixon, Senior Executive at Intel 471, examines the future of third-party cyber risk and why it is a growing concern for organizations worldwide. As businesses become more interconnected, the

React to this headline:

Loading spinner

How to stop a single vendor breach from taking down your business Read More »

Scroll to Top