News

Creative cybersecurity strategies for resource-constrained institutions

collaboration, Compliance, cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, Innovation, News, RTI International, security controls, strategy /

Creative cybersecurity strategies for resource-constrained institutions 2025-12-02 at 09:33 By Mirko Zorz In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and still build resilience. He discusses the tension between open research and the need to protect sensitive information, noting that […]

Creative cybersecurity strategies for resource-constrained institutions Read More »

Product showcase: UserLock IAM for Active Directory

Don't miss, Hot stuff, identity management, IS Decisions, News, Product showcase /

Product showcase: UserLock IAM for Active Directory 2025-12-02 at 08:34 By Help Net Security UserLock brings modern identity and access management (IAM) to Active Directory, adding granular multi-factor authentication (MFA), contextual access controls, single sign-on (SSO) and real-time session management. It helps AD-first teams secure logons and govern access to network and SaaS resources without

Product showcase: UserLock IAM for Active Directory Read More »

Attackers keep finding new ways to fool AI

Artificial Intelligence, cybersecurity, framework, Government, News, report, security standard /

Attackers keep finding new ways to fool AI 2025-12-02 at 08:14 By Anamarija Pogorelec AI development keeps accelerating while the safeguards around it move on uneven ground, according to The International AI Safety Report. Security leaders are being asked to judge exposure without dependable benchmarks. Developers build layered defenses Across the AI ecosystem, developers are

Attackers keep finding new ways to fool AI Read More »

The collapse of trust at the identity layer

automation, cybersecurity, deepfakes, fraud, identity verification, News, Regula, report, security metrics, social engineering /

The collapse of trust at the identity layer 2025-12-02 at 07:49 By Anamarija Pogorelec Identity verification has become the latest front in the fight against industrialized fraud, according to a new report from Regula. The shift is visible across sectors that once relied on predictable verification routines. Criminals have learned to target the identity step

The collapse of trust at the identity layer Read More »

Cybersecurity jobs available right now: December 2, 2025

cybersecurity jobs, News /

Cybersecurity jobs available right now: December 2, 2025 2025-12-02 at 07:30 By Anamarija Pogorelec Application Security Manager Oddity | Israel | On-site – View job details As an Application Security Manager, you will conduct threat modeling based on a deep understanding of product features and workflows. You will coordinate manual and automated penetration testing with

Cybersecurity jobs available right now: December 2, 2025 Read More »

Cryptomixer crypto laundering service taken down by law enforcement

Cryptocurrency, cybercrime, Don't miss, EU, Eurojust, Europol, Germany, Hot stuff, News, Switzerland /

Cryptomixer crypto laundering service taken down by law enforcement 2025-12-01 at 16:57 By Zeljka Zorz German and Swiss law enforcement agencies have taken down Cryptomixer, an illegal cryptocurrency mixer service, and have confiscated over 25 million euros (approximately $29 million) in Bitcoin. The Cryptomixer seizure banner As part of Operation Olympia, and with support from

Cryptomixer crypto laundering service taken down by law enforcement Read More »

Treating MCP like an API creates security blind spots

API security, Artificial Intelligence, Compliance, cybersecurity, Don't miss, Features, Hot stuff, identity management, MCP Manager, News, security controls, servers /

Treating MCP like an API creates security blind spots 2025-12-01 at 09:06 By Mirko Zorz In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He explains how

Treating MCP like an API creates security blind spots Read More »

Offensive cyber power is spreading fast and changing global security

China, CISO, cyber risk, cybersecurity, Don't miss, Hot stuff, NATO, News, report, research, Risk Management, Russian Federation, strategy, threats /

Offensive cyber power is spreading fast and changing global security 2025-12-01 at 08:36 By Sinisa Markovic Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, which raises new risks for organizations caught in the middle. A new policy brief

Offensive cyber power is spreading fast and changing global security Read More »

Enterprise password audits made practical for busy security teams

auditing, Don't miss, enterprise, Hot stuff, News, password management, Passwork /

Enterprise password audits made practical for busy security teams 2025-12-01 at 08:36 By Sinisa Markovic Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more credentials into the mix. Some sit in proper vaults, others

Enterprise password audits made practical for busy security teams Read More »

What zero trust looks like when you build it step by step

access control, authentication, cybersecurity, Don't miss, identity management, KeyData Cyber, News, security metrics, Video, zero trust /

What zero trust looks like when you build it step by step 2025-12-01 at 08:36 By Help Net Security In this Help Net Security video, Jonathan Edwards, Managing Director at KeyData Cyber, walks us through what practical zero trust adoption looks like in stages. He explains why he dislikes the term itself, then shifts to

What zero trust looks like when you build it step by step Read More »

The weekend is prime time for ransomware

cybersecurity, identity, News, Ransomware, report, Semperis, SOC /

The weekend is prime time for ransomware 2025-12-01 at 07:01 By Anamarija Pogorelec Over half of organizations that experienced a ransomware event in the past year were hit during a weekend or holiday, according to a Semperis report. Those periods often come with thin staffing, slower investigation, and fewer eyes on identity systems. Intruders know

The weekend is prime time for ransomware Read More »

Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach

News, Week in review /

Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach 2025-11-30 at 11:05 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Quantum encryption is pushing satellite hardware to its limits In this Help Net Security interview, Colonel Ludovic Monnerat, Commander Space Command,

Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach Read More »

Social data puts user passwords at risk in unexpected ways

authentication, cyber risk, Don't miss, Facebook, Hot stuff, Instagram, LinkedIn, LLMs, News, passwords, Privacy, research, social media, tips /

Social data puts user passwords at risk in unexpected ways 2025-11-28 at 09:08 By Anamarija Pogorelec Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how

Social data puts user passwords at risk in unexpected ways Read More »

New observational auditing framework takes aim at machine learning privacy leaks

cybersecurity, Don't miss, Features, Hot stuff, machine learning, Meta, News, Privacy, research, security auditing /

New observational auditing framework takes aim at machine learning privacy leaks 2025-11-28 at 08:34 By Sinisa Markovic Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result of an action) used during training. A new research paper explores

New observational auditing framework takes aim at machine learning privacy leaks Read More »

Why password management defines PCI DSS success

authentication, Compliance, Don't miss, Hot stuff, News, password management, Passwork /

Why password management defines PCI DSS success 2025-11-28 at 08:03 By Sinisa Markovic Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When you dig into real incidents involving payment data, a surprising number come down to

Why password management defines PCI DSS success Read More »

Fragmented tooling slows vulnerability management

cybersecurity, Hackuity, News, remediation, report, Threat Intelligence, vulnerability management /

Fragmented tooling slows vulnerability management 2025-11-28 at 07:32 By Anamarija Pogorelec Security leaders know vulnerability backlogs are rising, but new data shows how quickly the gap between exposures and available resources is widening, according to a new report by Hackuity. Fragmented detection and slow remediation Organizations use a formalized approach to manage vulnerabilities, but their

Fragmented tooling slows vulnerability management Read More »

Infosec products of the month: November 2025

1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, Firewalla, Forescout, Immersive, Kentik, Komodor, Minimus, News, Nokod Security, Synack /

Infosec products of the month: November 2025 2025-11-28 at 07:22 By Anamarija Pogorelec Here’s a look at the most interesting products from the past month, featuring releases from: 1touch.io, Action1, Barracuda Networks, Bedrock Data, Bitdefender, Cyware, Firewalla, Forescout, Immersive, Kentik, Komodor, Minimus, Nokod Security, and Synack. Action1 addresses Intune gaps with patching and risk-based vulnerability

Infosec products of the month: November 2025 Read More »

Hottest cybersecurity open-source tools of the month: November 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: November 2025 2025-11-27 at 09:00 By Anamarija Pogorelec This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: Open-source software supply chain health check tool Heisenberg is an open-source tool that checks the health of a software supply chain.

Hottest cybersecurity open-source tools of the month: November 2025 Read More »

Your critical infrastructure is running out of time

Cisco, critical infrastructure, cyber resilience, cybersecurity, News, patching, policy, report /

Your critical infrastructure is running out of time 2025-11-27 at 08:05 By Anamarija Pogorelec Cyber attackers often succeed not because they are inventive, but because the systems they target are old. A new report by Cisco shows how unsupported technology inside national infrastructure creates openings that attackers can exploit repeatedly. The findings show how widespread

Your critical infrastructure is running out of time Read More »

Criminal networks industrialize payment fraud operations

Artificial Intelligence, cybersecurity, financial industry, fraud, mobile payment, News, online payment, report, Visa /

Criminal networks industrialize payment fraud operations 2025-11-27 at 07:55 By Anamarija Pogorelec Fraud operations are expanding faster than payment defenses can adjust. Criminal groups function like coordinated businesses that develop tools, automate tasks, and scale attacks. New data from a Visa report shows how these shifts are reshaping risk across the financial sector. Fraud now

Criminal networks industrialize payment fraud operations Read More »

Scroll to Top