News

Phishers are increasingly impersonating electronic toll collection companies

cybercrime, Don't miss, Facebook, Guardio, Hot stuff, Microsoft, News, phishing, Prodaft, scams, Steam /

Phishers are increasingly impersonating electronic toll collection companies 2025-04-03 at 14:31 By Zeljka Zorz Steam was the most imitated brands by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. “Historically, the #1 spot has been dominated by the usual suspects – big tech companies like Meta, Microsoft, […]

React to this headline:

Loading spinner

Phishers are increasingly impersonating electronic toll collection companies Read More »

Beware fake AutoCAD, SketchUp sites dropping malware

backdoor, cybercrime, Kaspersky, Malware, News /

Beware fake AutoCAD, SketchUp sites dropping malware 2025-04-03 at 09:47 By Help Net Security Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer legitimate software for download, Kaspersky researchers have warned. Malicious websites (Source: Kaspersky) The list of impersonated

React to this headline:

Loading spinner

Beware fake AutoCAD, SketchUp sites dropping malware Read More »

7 ways to get C-suite buy-in on that new cybersecurity tool

Check Point, Compliance, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, investment, News, opinion, resilience /

7 ways to get C-suite buy-in on that new cybersecurity tool 2025-04-03 at 08:34 By Help Net Security You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises to eliminate secrets in logs, reduce risks in CI/CD pipelines, and save

React to this headline:

Loading spinner

7 ways to get C-suite buy-in on that new cybersecurity tool Read More »

Building a cybersecurity strategy that survives disruption

CISO, cyber resilience, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Risk Management, strategy, tips /

Building a cybersecurity strategy that survives disruption 2025-04-03 at 08:14 By Mirko Zorz Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep up. With everything from ransomware to geopolitical threats to cloud slip-ups hitting companies, there’s

React to this headline:

Loading spinner

Building a cybersecurity strategy that survives disruption Read More »

Cybercriminals exfiltrate data in just three days

cybercrime, cybersecurity, News, Ransomware, report, Sophos, survey /

Cybercriminals exfiltrate data in just three days 2025-04-03 at 08:14 By Industry News In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the

React to this headline:

Loading spinner

Cybercriminals exfiltrate data in just three days Read More »

Open-source malware doubles, data exfiltration attacks dominate

cybercrime, Data exfiltration, Don't miss, Malware, News, open source, report, Sonatype /

Open-source malware doubles, data exfiltration attacks dominate 2025-04-03 at 07:02 By Help Net Security There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from

React to this headline:

Loading spinner

Open-source malware doubles, data exfiltration attacks dominate Read More »

Review: Zero to Engineer

books, Don't miss, News, Review, Reviews, skill development /

Review: Zero to Engineer 2025-04-03 at 06:37 By Mirko Zorz Zero to Engineer is a practical guide for anyone looking to launch a career in information technology without a traditional college degree. The book draws from the author’s unlikely journey – from being expelled from high school to earning six figures in the tech industry.

React to this headline:

Loading spinner

Review: Zero to Engineer Read More »

Trustwave Named a Top Player in Radicati’s Secure Email Market Quadrant 2025 Report

email security, News, Reports, Spotlights /

Trustwave Named a Top Player in Radicati’s Secure Email Market Quadrant 2025 Report 2025-04-02 at 16:11 By Trustwave MailMarshal fortified its position as a leading secure email gateway by being named a Top Player in Radicati’s Secure Email Market Quadrant 2025 report. This article is an excerpt from Trustwave Blog View Original Source React to this

React to this headline:

Loading spinner

Trustwave Named a Top Player in Radicati’s Secure Email Market Quadrant 2025 Report Read More »

How to map and manage your cyber attack surface with EASM

attacks, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, Outpost24 /

How to map and manage your cyber attack surface with EASM 2025-04-02 at 16:10 By Help Net Security In today’s digital landscape, understanding your organization’s attack surface is crucial for maintaining robust cybersecurity. To effectively manage and mitigate the cyber-risks hiding in modern attack surfaces, it’s important to adopt an attacker-centric approach. In this article,

React to this headline:

Loading spinner

How to map and manage your cyber attack surface with EASM Read More »

Google is making sending end-to-end encrypted emails easy

Don't miss, email security, Encryption, enterprise, Gmail, Google Workspace, Hot stuff, News, Outlook, Privacy, secure communications, SMBs /

Google is making sending end-to-end encrypted emails easy 2025-04-02 at 15:03 By Zeljka Zorz Sending end-to-end encrypted (E2EE) emails from Gmail enterprise accounts is about to become much easier than it is now, Google has announced on Tuesday. The company will first make available this simplified capability to users who want to send E2EE emails

React to this headline:

Loading spinner

Google is making sending end-to-end encrypted emails easy Read More »

North Korean IT workers set their sights on European organizations

blockchain, CMS, data theft, Don't miss, EU, extortion, Hot stuff, Insider Threat, News, North Korea, UK, web application, web development /

North Korean IT workers set their sights on European organizations 2025-04-02 at 13:05 By Zeljka Zorz North Korean IT workers are expanding their efforts beyond the US, and are seeking to fraudulently gain employment with organizations around the world, but most especially in Europe. According to Google’s threat researchers, they are also increasingly attempting to

React to this headline:

Loading spinner

North Korean IT workers set their sights on European organizations Read More »

Balancing data protection and clinical usability in healthcare

cybersecurity, Data Protection, Don't miss, Features, healthcare, Hot stuff, Main Line Health, News, opinion /

Balancing data protection and clinical usability in healthcare 2025-04-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Aaron Weismann, CISO at Main Line Health, discusses the growing ransomware threat in healthcare and why the sector remains a prime target. He explains the difficulties of protecting patient information, securing legacy systems, and maintaining

React to this headline:

Loading spinner

Balancing data protection and clinical usability in healthcare Read More »

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework

Bluetooth, Don't miss, framework, GitHub, Hot stuff, News, open source, software /

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework 2025-04-02 at 07:35 By Mirko Zorz BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made specifically

React to this headline:

Loading spinner

BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework Read More »

Only 1% of malicious emails that reach inboxes deliver malware

cybersecurity, Email, email security, Fortra, News, phishing, report, survey /

Only 1% of malicious emails that reach inboxes deliver malware 2025-04-02 at 07:04 By Help Net Security 99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common

React to this headline:

Loading spinner

Only 1% of malicious emails that reach inboxes deliver malware Read More »

Your smart home may not be as secure as you think

cybersecurity, Don't miss, hardware, how-to, News, Privacy, smart home /

Your smart home may not be as secure as you think 2025-04-02 at 06:31 By Help Net Security The Internet of Things (IoT) has become a major part of daily life. Smartphones, smart thermostats, security cameras, and other connected devices make tasks easier and improve comfort, efficiency, and productivity. But as the number of devices

React to this headline:

Loading spinner

Your smart home may not be as secure as you think Read More »

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)

CrushFTP, CVE, Don't miss, Hot stuff, News, PoC, Rapid7, Shadowserver, VulnCheck /

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) 2025-04-01 at 18:49 By Zeljka Zorz Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through

React to this headline:

Loading spinner

Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825) Read More »

Building a reasonable cyber defense program

Center for Internet Security, Don't miss, Hot stuff, News /

Building a reasonable cyber defense program 2025-04-01 at 16:04 By Help Net Security If you do business in the United States, especially across state lines, you probably know how difficult it is to comply with U.S. state data privacy laws. The federal government and many U.S. state governments require you to implement “reasonable” cybersecurity controls

React to this headline:

Loading spinner

Building a reasonable cyber defense program Read More »

Attackers are probing Palo Alto Networks GlobalProtect portals

Don't miss, enterprise, GreyNoise, Hot stuff, News, Palo Alto Networks, scanning, VPN /

Attackers are probing Palo Alto Networks GlobalProtect portals 2025-04-01 at 14:21 By Zeljka Zorz Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and look for signs of compromise. “The

React to this headline:

Loading spinner

Attackers are probing Palo Alto Networks GlobalProtect portals Read More »

Why global tensions are a cybersecurity problem for every business

CISO, cyber risk, cybersecurity, Don't miss, Hot stuff, News, strategy, threats /

Why global tensions are a cybersecurity problem for every business 2025-04-01 at 09:03 By Mirko Zorz With global tensions climbing, cyber attacks linked to nation-states and their allies are becoming more common, sophisticated, and destructive. For organizations, cybersecurity can’t be treated as separate from world events anymore, they’re closely connected. Conflict between countries is spilling

React to this headline:

Loading spinner

Why global tensions are a cybersecurity problem for every business Read More »

How to build an effective cybersecurity simulation

cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Immersive Labs, News, opinion, skill development, strategy, tips, training /

How to build an effective cybersecurity simulation 2025-04-01 at 08:32 By Help Net Security Most people groan at the prospect of security training. It’s typically delivered through dull online videos or uninspiring exercises that fail to capture real-world urgency. To make a real difference in cyber crisis readiness, personnel need the opportunity to test their

React to this headline:

Loading spinner

How to build an effective cybersecurity simulation Read More »

Scroll to Top