News

Fake macOS help sites push Shamos infostealer via ClickFix technique

Check Point, CrowdStrike, Don't miss, ESET, Hot stuff, macOS, malvertising, Malware, Microsoft, News, social engineering /

Fake macOS help sites push Shamos infostealer via ClickFix technique 2025-08-25 at 15:23 By Zeljka Zorz Criminals are taking advantage of macOS users’ need to resolve technical issues to get them to infect their machines with the Shamos infostealer, Crowdstrike researchers have warned. To prevent macOS security features from blocking the installation, the malware peddlers […]

Fake macOS help sites push Shamos infostealer via ClickFix technique Read More »

Why a new AI tool could change how we test insider threat defenses

Artificial Intelligence, cyber risk, cybersecurity, Don't miss, Features, Hot stuff, Insider Threat, LLMs, News, research, Risk Management /

Why a new AI tool could change how we test insider threat defenses 2025-08-25 at 09:04 By Mirko Zorz Insider threats are among the hardest attacks to detect because they come from people who already have legitimate access. Security teams know the risk well, but they often lack the data needed to train systems that

Why a new AI tool could change how we test insider threat defenses Read More »

Why satellite cybersecurity threats matter to everyone

aerospace, CISO, cyber resilience, cyber risk, cybersecurity, Deloitte, Don't miss, Features, Hot stuff, News, opinion, strategy, tips, zero trust /

Why satellite cybersecurity threats matter to everyone 2025-08-25 at 08:34 By Mirko Zorz Satellites play a huge role in our daily lives, supporting everything from global communications to navigation, business, and national security. As space becomes more crowded and commercial satellite use grows, these systems are facing new cyber threats. The challenge is even greater

Why satellite cybersecurity threats matter to everyone Read More »

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux

backup, Don't miss, GitHub, News, open source, software /

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux 2025-08-25 at 08:21 By Help Net Security Kopia is an open-source backup and restore tool that lets you create encrypted snapshots of your files and store them in cloud storage, on a remote server, on network-attached storage, or on your own computer. It doesn’t create a

Kopia: Open-source encrypted backup tool for Windows, macOS, Linux Read More »

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies

Artificial Intelligence, books, Don't miss, generative AI, Hot stuff, how-to, LLMs, machine learning, News, Review, Reviews, skill development, strategy, tips /

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies 2025-08-25 at 07:50 By Mirko Zorz Adversarial AI Attacks, Mitigations, and Defense Strategies shows how AI systems can be attacked and how defenders can prepare. It’s essentially a walkthrough of offensive and defensive approaches to AI security. About the author John Sotiropoulos is the Head Of AI

Review: Adversarial AI Attacks, Mitigations, and Defense Strategies Read More »

Smart manufacturing demands workers with AI and cybersecurity skills

Artificial Intelligence, cybersecurity, digital transformation, manufacturing sector, News, report, Rockwell Automation, survey /

Smart manufacturing demands workers with AI and cybersecurity skills 2025-08-25 at 07:13 By Sinisa Markovic The manufacturing sector is entering a new phase of digital transformation. According to Rockwell Automation’s 10th Annual State of Smart Manufacturing Report, 56% of manufacturers are piloting smart manufacturing initiatives, 20% have deployed them at scale, and another 20% are

Smart manufacturing demands workers with AI and cybersecurity skills Read More »

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day

News, Week in review /

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day 2025-08-24 at 11:03 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Android VPN apps used by millions are covertly connected AND insecure Three families of Android VPN apps, with a

Week in review: Covertly connected and insecure Android VPN apps, Apple fixes exploited zero-day Read More »

China-linked Murky Panda targets and moves laterally through cloud services

APT, China, Cloud, CrowdStrike, cyber espionage, Don't miss, Hot stuff, News /

China-linked Murky Panda targets and moves laterally through cloud services 2025-08-22 at 17:33 By Zeljka Zorz In its recently released 2025 Threat Hunting Report, Crowdstrike pointed out an interesting trend: a 136% surge in cloud intrusions. A good chunk of this surge is due to “China-nexus adversaries”, Murky Panda (aka Silk Typhoon) among them. Murky

China-linked Murky Panda targets and moves laterally through cloud services Read More »

Interpol operation seizes $97 million in African cybercrime sweep

arrest, cybercrime, Interpol, law enforcement, News /

Interpol operation seizes $97 million in African cybercrime sweep 2025-08-22 at 11:57 By Sinisa Markovic Authorities in Africa have arrested 1,209 people in an Interpol-led crackdown on cybercrime that targeted nearly 88,000 victims. 11,432 malicious infrastructures were dismantled during Operation Serengeti 2025 (Source: Interpol) Operation Serengeti 2.0 The operation, which ran from June to August

Interpol operation seizes $97 million in African cybercrime sweep Read More »

Five ways OSINT helps financial institutions to fight money laundering

Blackdot Solutions, cybersecurity, Don't miss, Expert analysis, Expert corner, financial industry, Hot stuff, News, opinion, OSINT, strategy, tips /

Five ways OSINT helps financial institutions to fight money laundering 2025-08-22 at 09:31 By Help Net Security Here are five key ways OSINT tools can help financial firms develop advanced strategies to fight money laundering criminals. 1. Reveal complex networks and ownership structures Money launderers often use layered networks of offshore entities and shell companies

Five ways OSINT helps financial institutions to fight money laundering Read More »

AI gives ransomware gangs a deadly upgrade

Acronis, Artificial Intelligence, cybercrime, News, report, survey /

AI gives ransomware gangs a deadly upgrade 2025-08-22 at 09:00 By Sinisa Markovic Ransomware continues to be the major threat to large and medium-sized businesses, with numerous ransomware gangs abusing AI for automation, according to Acronis. Ransomware gangs maintain pressure on victims From January to June 2025, the number of publicly reported ransomware victims jumped

AI gives ransomware gangs a deadly upgrade Read More »

The new battleground for CISOs is human behavior

Artificial Intelligence, cyber resilience, cybersecurity, LevelBlue, News, report, social engineering, threats /

The new battleground for CISOs is human behavior 2025-08-22 at 08:40 By Anamarija Pogorelec Attackers don’t always need a technical flaw. More often, they just trick your people. Social engineering works, and AI makes it harder to catch.” Only about one in four cybersecurity teams are effective at collaborating with the broader business (Source: LevelBlue)

The new battleground for CISOs is human behavior Read More »

Local governments struggle to defend critical infrastructure as threats grow

Center for Internet Security, critical infrastructure, cyber resilience, cyber risk, cybersecurity, generative AI, Government, News, report, survey, USA /

Local governments struggle to defend critical infrastructure as threats grow 2025-08-22 at 08:03 By Sinisa Markovic A small-town water system, a county hospital, and a local school district may not seem like front-line targets in global conflict, but they are. These organizations face daily cyber attacks, from ransomware to foreign adversaries probing for weak points.

Local governments struggle to defend critical infrastructure as threats grow Read More »

DevOps in the cloud and what is putting your data at risk

cloud security, DevOps, Don't miss, GitProtect.io, News, SaaS, strategy, tips, Video /

DevOps in the cloud and what is putting your data at risk 2025-08-22 at 07:33 By Help Net Security In this Help Net Security video, Greg Bak, Head of Product Enablement at GitProtect, walks through some of the biggest security risks DevOps teams are dealing with. He covers how AI tools can introduce vulnerabilities, including

DevOps in the cloud and what is putting your data at risk Read More »

New infosec products of the week: August 22, 2025

Doppel, Druva, LastPass, News, StackHawk /

New infosec products of the week: August 22, 2025 2025-08-22 at 07:05 By Sinisa Markovic Here’s a look at the most interesting products from the past week, featuring releases from Doppel, Druva, LastPass, and StackHawk. StackHawk empowers security teams to expand their API testing coverage StackHawk releaseed LLM-Driven OpenAPI Specifications, a powerful new capability that

New infosec products of the week: August 22, 2025 Read More »

Russian threat actors using old Cisco bug to target critical infrastructure orgs

Cisco, critical infrastructure, cyber espionage, Don't miss, FBI, Hot stuff, News, Russian Federation, USA, vulnerability /

Russian threat actors using old Cisco bug to target critical infrastructure orgs 2025-08-21 at 18:07 By Zeljka Zorz A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), the FBI and Cisco warned on Wednesday. “Primary targets

Russian threat actors using old Cisco bug to target critical infrastructure orgs Read More »

Introducing D-Fence: MailMarshal’s Advanced Machine Learning Phishing Protection

Artificial Intelligence, email security, News, Tips & Tricks /

Introducing D-Fence: MailMarshal’s Advanced Machine Learning Phishing Protection 2025-08-21 at 16:05 By MailMarshal’s new D-Fence layer uses machine learning to combat sophisticated phishing attacks by analyzing email structure and identifying hidden malicious elements. D-Fence provides next-generation email security by catching 40% more phishing emails that previously went undetected. D-Fence works with URLDeep to deliver powerful

Introducing D-Fence: MailMarshal’s Advanced Machine Learning Phishing Protection Read More »

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged

AWS, cloud security, cloud storage, Don't miss, Fog Security, Hot stuff, News /

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged 2025-08-21 at 14:38 By Zeljka Zorz AWS’s Trusted Advisor tool, which is supposed to warn customers if their (cloud) S3 storage buckets are publicly exposed, could be “tricked” into reporting them as not exposed when they actually are, Fog Security researchers have found. S3

AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged Read More »

Using lightweight LLMs to cut incident response times and reduce hallucinations

Artificial Intelligence, CISO, cybersecurity, Don't miss, Features, Hot stuff, Incident Response, LLMs, News, research, security operations, strategy, Threat Intelligence, tips /

Using lightweight LLMs to cut incident response times and reduce hallucinations 2025-08-21 at 09:03 By Mirko Zorz Researchers from the University of Melbourne and Imperial College London have developed a method for using LLMs to improve incident response planning with a focus on reducing the risk of hallucinations. Their approach uses a smaller, fine-tuned LLM

Using lightweight LLMs to cut incident response times and reduce hallucinations Read More »

Fractional vs. full-time CISO: Finding the right fit for your company

CISO, cybersecurity, Don't miss, Features, Hot stuff, Mandos, News, security controls, strategy /

Fractional vs. full-time CISO: Finding the right fit for your company 2025-08-21 at 08:32 By Mirko Zorz In this Help Net Security interview, Nikoloz Kokhreidze, Fractional CISO at Mandos, discusses why many early- and growth-stage B2B companies hire full-time CISOs before it’s needed. He breaks down common founder misconceptions, explains the right approach to security

Fractional vs. full-time CISO: Finding the right fit for your company Read More »

Scroll to Top