News

How to manage and protect your biometric data

biometrics, cybersecurity, data, Don't miss, how-to, News /

How to manage and protect your biometric data 2025-03-27 at 18:08 By Help Net Security Biometric data refers to unique physical or behavioral characteristics that are used to verify a person’s identity. Revoking or changing biometric data is more complicated than changing passwords. Unlike passwords, biometric identifiers like fingerprints or retina scans are unique and […]

React to this headline:

Loading spinner

How to manage and protect your biometric data Read More »

A closer look at The Ultimate Cybersecurity Careers Guide

books, certification, cybersecurity, Don't miss, Hot stuff, how-to, News, opinion, skill development, strategy, tips /

A closer look at The Ultimate Cybersecurity Careers Guide 2025-03-27 at 16:48 By Mirko Zorz In this Help Net Security interview, Kim Crawley, cybersecurity expert and Professor at the Open Institute of Technology, discusses her latest book, The Ultimate Cybersecurity Careers Guide. She shares insights on how aspiring professionals can break into the field and

React to this headline:

Loading spinner

A closer look at The Ultimate Cybersecurity Careers Guide Read More »

UK NCSC offers security guidance for domain and DNS registrars

DNS, domain registration, Don't miss, guidelines, Hot stuff, NCSC, News /

UK NCSC offers security guidance for domain and DNS registrars 2025-03-27 at 16:48 By Zeljka Zorz The UK National Cyber Security Centre (NCSC) has released security guidance for domain registrars and operators of Domain Name System (DNS) services. “DNS registrars have an important role to help counter domain abuses throughout their lifecycle,” the NCSC says.

React to this headline:

Loading spinner

UK NCSC offers security guidance for domain and DNS registrars Read More »

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825)

CrushFTP, Don't miss, enterprise, file-sharing, Hot stuff, News, security update, SMBs, vulnerability /

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) 2025-03-27 at 13:14 By Zeljka Zorz CrushFTP has fixed a critical vulnerability (CVE-2025-2825) in its enterprise file transfer solution that could be exploited by remote, unauthenticated attackers to access vulnerable internet-facing servers (and likely the data stored on them). Attackers, especially ransomware gangs, have a penchant for leveraging 0-day

React to this headline:

Loading spinner

CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) Read More »

The hidden costs of security tool bloat and how to fix it

CISO, cybersecurity, Don't miss, Features, Gigamon, Hot stuff, News, opinion, strategy /

The hidden costs of security tool bloat and how to fix it 2025-03-27 at 08:07 By Mirko Zorz In this Help Net Security interview, Shane Buckley, President and CEO at Gigamon, discusses why combating tool bloat is a top priority for CISOs as they face tighter budgets and expanding security stacks. Buckley shares insights on

React to this headline:

Loading spinner

The hidden costs of security tool bloat and how to fix it Read More »

Cyber insurance isn’t always what it seems

CISO, cyber insurance, cyber resilience, cyber risk, cybersecurity, Don't miss, Halock Security Labs, Hot stuff, Mercury Risk And Compliance, News, opinion, strategy, tips /

Cyber insurance isn’t always what it seems 2025-03-27 at 07:39 By Mirko Zorz Many companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than expected. CISOs must understand the risks before an attack happens. Misconceptions about cyber insurance Myth:

React to this headline:

Loading spinner

Cyber insurance isn’t always what it seems Read More »

Hottest cybersecurity open-source tools of the month: March 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: March 2025 2025-03-27 at 07:01 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: March 2025 Read More »

ETSI releases security standard for the quantum future

cybersecurity, data security, Encryption, ETSI, News, quantum computing, security standard /

ETSI releases security standard for the quantum future 2025-03-27 at 06:35 By Help Net Security ETSI launched post-quantum security standard to guarantee the protection of critical data and communications in the future. The specification “Efficient Quantum-Safe Hybrid Key Exchanges with Hidden Access Policies” (ETSI TS 104 015) has been developed to enhance security mechanisms, ensuring

React to this headline:

Loading spinner

ETSI releases security standard for the quantum future Read More »

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool

cybercime, ESET, News, Ransomware, research /

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool 2025-03-26 at 17:02 By Help Net Security ESET researchers have published an in-depth analysis highlighting significant shifts within the ransomware landscape, spotlighting the rise of RansomHub. This relatively new ransomware-as-a-service operation has quickly come to dominate the scene. “The fight against ransomware reached two milestones

React to this headline:

Loading spinner

Enemies with benefits: RansomHub and rival gangs share EDRKillShifter tool Read More »

China-linked FamousSparrow APT group resurfaces with enhanced capabilities

APT, China, cybercrime, cybersecurity, Don't miss, ESET, News, research, USA /

China-linked FamousSparrow APT group resurfaces with enhanced capabilities 2025-03-26 at 17:02 By Help Net Security ESET investigated suspicious activity on the network of a trade group in the United States that operates in the financial sector. While helping the affected entity remediate the compromise, they made an unexpected discovery in the victim’s system: malicious tools

React to this headline:

Loading spinner

China-linked FamousSparrow APT group resurfaces with enhanced capabilities Read More »

Whitepaper: Voice of Security 2025

AWS, Don't miss, IDC, News, Tines, Whitepapers and webinars /

Whitepaper: Voice of Security 2025 2025-03-26 at 16:02 By Help Net Security Discover insights from 900 security leaders across the globe in IDC’s Voice of Security 2025 survey, sponsored by Tines in partnership with AWS. Understand the biggest challenges facing security teams today, and how they can stay ahead of the curve in the age

React to this headline:

Loading spinner

Whitepaper: Voice of Security 2025 Read More »

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report

Database Protection, News, Reports, Security Research, Threat Intelligence /

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need for

React to this headline:

Loading spinner

2025 Healthcare Cybersecurity Threats: Insights from the Trustwave Risk Radar Report Read More »

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures

Database Protection, News, Reports, Security Research, Threat Intelligence /

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures 2025-03-26 at 15:02 By Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks targeting healthcare organizations, from ransomware to third-party threats. Key Findings from the 2025 Trustwave Risk Radar Report – Explore critical insights on healthcare cybersecurity, attack trends, and the growing need

React to this headline:

Loading spinner

2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures Read More »

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

0-day, APT, Chrome, Don't miss, exploit, Hot stuff, Kaspersky, News, Windows /

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) 2025-03-26 at 13:08 By Zeljka Zorz Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who discovered it being exploited by

React to this headline:

Loading spinner

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) Read More »

A CISO’s guide to securing AI models

access control, Artificial Intelligence, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, machine learning, News, opinion, Protect AI /

A CISO’s guide to securing AI models 2025-03-26 at 08:05 By Help Net Security In AI applications, machine learning (ML) models are the core decision-making engines that drive predictions, recommendations, and autonomous actions. Unlike traditional IT applications, which rely on predefined rules and static algorithms, ML models are dynamic—they develop their own internal patterns and

React to this headline:

Loading spinner

A CISO’s guide to securing AI models Read More »

Malwoverview: First response tool for threat hunting

Don't miss, GitHub, News, open source, software /

Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables

React to this headline:

Loading spinner

Malwoverview: First response tool for threat hunting Read More »

How does your data end up on the dark web?

cybercrime, cybersecurity, dark web, Don't miss, how-to, News, tips /

How does your data end up on the dark web? 2025-03-26 at 07:01 By Help Net Security The dark web is a hidden corner of the internet where people can remain anonymous. It’s often confused with the deep web, but they’re not quite the same thing. The deep web is just everything online that’s not

React to this headline:

Loading spinner

How does your data end up on the dark web? Read More »

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise

data breach, DFIR, News /

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise 2025-03-25 at 23:49 By On March 20, a relatively unknown user on Breach Forums posted the allegation that Oracle had suffered a data breach. According to published reports, the attacker claimed that 6 million customer records were exfiltrated from Oracle’s SSO and LDAP systems. This article is an excerpt

React to this headline:

Loading spinner

Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise Read More »

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover

AWS, containers, Don't miss, Google, Hot stuff, Kubernetes, News, vulnerability, Wiz /

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover 2025-03-25 at 18:54 By Zeljka Zorz Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over Kubernetes clusters. “Based on our analysis, about 43% of cloud environments are vulnerable to these vulnerabilities, with our research uncovering

React to this headline:

Loading spinner

Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover Read More »

Scroll to Top