The password problem we keep pretending to fix 2025-10-16 at 07:15 By Anamarija Pogorelec Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. Many said their organizations had faced at least one identity-related breach in recent years, and most of […]
The password problem we keep pretending to fix Read More »
F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info 2025-10-15 at 18:39 By Zeljka Zorz US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often
F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info Read More »
Microsoft patches three zero-days actively exploited by attackers 2025-10-15 at 13:18 By Zeljka Zorz On October 2025 Patch Tuesday, Microsoft released fixes for 175+ vulnerabilities, including three zero-days under active attack: CVE-2025-24990, CVE-2025-59230, and CVE-2025-47827. The actively exploited vulnerabilities are an unusual mix CVE-2025-24990 is in the third-party driver (ltmdm64.sys) for the software-based Agere Modem,
Microsoft patches three zero-days actively exploited by attackers Read More »
Maltrail: Open-source malicious traffic detection system 2025-10-15 at 08:30 By Sinisa Markovic Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,
Maltrail: Open-source malicious traffic detection system Read More »
Building trust in AI-powered security operations 2025-10-15 at 08:22 By Help Net Security In this Help Net Security video, James Hodge, VP, Global Specialist Organisation at Splunk, explores the transformative role of AI in cybersecurity threat detection. He explains how AI’s ability to process vast amounts of data and detect anomalies faster than humans is
Building trust in AI-powered security operations Read More »
The diagnosis is in: Mobile health apps are bad for your privacy 2025-10-15 at 07:40 By Sinisa Markovic Sensitive data is moving through Android healthcare apps without adequate protection. Researchers found that many transmit information without encryption, store files without safeguards, or share it through third-party components. Study design showing data collection, static security analysis
The diagnosis is in: Mobile health apps are bad for your privacy Read More »
The power grid is getting old, and so is the cybersecurity protecting it 2025-10-15 at 07:03 By Anamarija Pogorelec Critical infrastructure is getting older, and the cost of that decay is starting to show. The Arthur D. Little Built to Last? report says that the systems powering energy, water, and transport are reaching the end
The power grid is getting old, and so is the cybersecurity protecting it Read More »
What if your privacy tools could learn as they go? 2025-10-14 at 11:49 By Mirko Zorz A new academic study proposes a way to design privacy mechanisms that can make use of prior knowledge about how data is distributed, even when that information is incomplete. The method allows privacy guarantees to stay mathematically sound while
What if your privacy tools could learn as they go? Read More »
The solar power boom opened a backdoor for cybercriminals 2025-10-14 at 11:49 By Sinisa Markovic Solar isn’t low risk anymore. Adoption has turned inverters, aggregators, and control software into attack surfaces capable of disrupting service and undermining confidence in the transition. Cyber threats expose weak spots in solar power systems Until recently, security risks in
The solar power boom opened a backdoor for cybercriminals Read More »
What Chat Control means for your privacy 2025-10-14 at 08:00 By Mirko Zorz The EU’s proposed Chat Control (CSAM Regulation) aims to combat child sexual abuse material by requiring digital platforms to detect, report, and remove illegal content, including grooming behaviors. Cybersecurity experts warn that such measures could undermine encryption, create new attack surfaces, and
What Chat Control means for your privacy Read More »
Security validation: The key to maximizing ROI from security investments 2025-10-14 at 08:00 By Help Net Security Every sizable organization invests heavily in firewalls, SIEMs, EDRs, and countless other technologies that form the backbone of a modern enterprise’s cyber defenses. Yet despite these significant investments, attackers continue to exploit misconfigurations, untested rules, and hidden dependencies
Security validation: The key to maximizing ROI from security investments Read More »
Cybersecurity jobs available right now: October 14, 2025 2025-10-14 at 08:00 By Sinisa Markovic Cyber Security Analyst I First Citizens Bank | USA | Remote – View job details As a Cyber Security Analyst, you will be responsible for developing skills related to the use of the standard intelligence cycle (collection, analysis, and dissemination) across
Cybersecurity jobs available right now: October 14, 2025 Read More »
Building a healthcare cybersecurity strategy that works 2025-10-13 at 09:41 By Mirko Zorz In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity strategy, even when resources are tight. He explains how focusing on areas like vulnerability management and network segmentation can make the biggest difference. Cummings
Building a healthcare cybersecurity strategy that works Read More »
AI-generated images have a problem of credibility, not creativity 2025-10-13 at 08:34 By Sinisa Markovic GenAI simplifies image creation, yet it creates hard problems around intellectual property, authenticity, and accountability. Researchers at Queen’s University in Canada examined watermarking as a way to tag AI images so origin and integrity can be checked. Watermarking scenario overview
AI-generated images have a problem of credibility, not creativity Read More »
The five-minute guide to OT cyber resilience 2025-10-13 at 08:19 By Help Net Security In this Help Net Security video, Rob Demain, CEO of e2e-assure, explains the essentials of OT cybersecurity resilience. He discusses the importance of understanding remote access points, supply chain connections, and the need for specialized sensors to monitor OT networks that
The five-minute guide to OT cyber resilience Read More »
When hackers hit, patient safety takes the fall 2025-10-13 at 07:33 By Anamarija Pogorelec 93% of U.S. healthcare organizations experienced at least one cyberattack in the past year, with an average of 43 incidents per organization, according to Proofpoint. The study found that most of these attacks involved cloud account compromises, ransomware, supply chain intrusions,
When hackers hit, patient safety takes the fall Read More »
Attackers don’t linger, they strike and move on 2025-10-13 at 07:26 By Anamarija Pogorelec Cyber attacks are happening faster than ever. Intrusions that once took weeks or months now unfold in minutes, leaving little time to react. Attackers move quickly once they gain access, aiming to run their payloads and get results before defenders can
Attackers don’t linger, they strike and move on Read More »
Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884) 2025-10-12 at 13:18 By Zeljka Zorz Oracle has revealed the existence of yet another remotely exploitable Oracle E-Business Suite vulnerability (CVE-2025-61884). About CVE-2025-61884 CVE-2025-61884 is a vulnerability in the Runtime user interface in the Oracle Configurator product of Oracle E-Business Suite (EBS). Like CVE-2025-61882 before
Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited 2025-10-12 at 11:02 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How to get better results from bug bounty programs without wasting money The wrong bug bounty strategy can flood your team with low-value reports.
Week in review: Hackers extorting Salesforce, CentreStack 0-day exploited Read More »
Why Managed Detection and Response (MDR) is Now Mission-Critical 2025-10-10 at 16:16 By The digital landscape across Asia/Pacific (excluding Japan) (APEJ) is characterized by rapid growth in the acceptance of Managed Detection and Response (MDR), and driven by a corresponding surge in cyber threats, according to IDC’s just released report IDC MarketScape: Asia/Pacific (Excluding Japan)
Why Managed Detection and Response (MDR) is Now Mission-Critical Read More »