Kanvas: Open-source incident response case management tool 2025-07-09 at 07:31 By Mirko Zorz Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet of Doom) or similar files, so they can handle key tasks without jumping between different […]
Kanvas: Open-source incident response case management tool Read More »
6 eye-opening books on AI’s rise, risks, and realities 2025-07-09 at 07:02 By Anamarija Pogorelec AI is changing how we detect, prevent, and respond to cyber threats. From traditional networks to emerging spaces, it is shaping security operations, identity management, and threat response. This collection of AI books offers diverse perspectives, including practical implementations, strategic
6 eye-opening books on AI’s rise, risks, and realities Read More »
Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) 2025-07-08 at 18:32 By Zeljka Zorz With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix NetScaler ADC and/or Gateway instances have been probed and compromised by attackers.
Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) Read More »
IBM Power11 debuts with uptime, security, and energy efficiency upgrades 2025-07-08 at 18:01 By Sinisa Markovic IBM unveiled Power11 today, a new generation of Power servers built to improve performance across processing, hardware, and virtualization. It’s designed to run reliably both on-site and in IBM’s hybrid cloud. Enterprises in banking, healthcare, retail and government depend
IBM Power11 debuts with uptime, security, and energy efficiency upgrades Read More »
ParrotOS 6.4 lands with key tool updates and kernel upgrade 2025-07-08 at 11:32 By Anamarija Pogorelec ParrotOS, known for its emphasis on security, privacy, and development, is widely used by cybersecurity professionals and enthusiasts alike. Version 6.4 delivers a host of updates and community-driven enhancements. The update is expected to be the final release in
ParrotOS 6.4 lands with key tool updates and kernel upgrade Read More »
Exposure management is the answer to: “Am I working on the right things?” 2025-07-08 at 09:07 By Mirko Zorz In this Help Net Security interview, Dan DeCloss, Founder and CTO at PlexTrac, discusses the role of exposure management in cybersecurity and how it helps organizations gain visibility into their attack surface to improve risk assessment
Exposure management is the answer to: “Am I working on the right things?” Read More »
Cyberattacks are changing the game for major sports events 2025-07-08 at 08:32 By Sinisa Markovic Sports fans and cybercriminals both look forward to major sporting events, but for very different reasons. Fake ticket sites, stolen login details, and DDoS attacks are common ways criminals try to make money or disrupt an event. Why are sports
Cyberattacks are changing the game for major sports events Read More »
Can your security stack handle AI that thinks for itself? 2025-07-08 at 08:03 By Help Net Security In this Help Net Security video, Art Poghosyan, CEO at Britive, explores the rise of agentic AI and its impact on identity security. As autonomous AI agents begin to think, act, and interact more like humans, traditional identity
Can your security stack handle AI that thinks for itself? Read More »
CISOs urged to fix API risk before regulation forces their hand 2025-07-08 at 07:33 By Mirko Zorz Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report, API Security at a Turning Point, draws on a detailed assessment of 68
CISOs urged to fix API risk before regulation forces their hand Read More »
Cybersecurity jobs available right now: July 8, 2025 2025-07-08 at 07:02 By Anamarija Pogorelec Analyst III-Threat Intel Verizon Data Services | India | Hybrid – View job details As an Analyst III-Threat Intel, you will deploy security tools, analyze logs and endpoints, and assess threats across Verizon’s enterprise and cloud environments. You’ll also help develop
Cybersecurity jobs available right now: July 8, 2025 Read More »
Cut Your Azure Spend: Trustwave MXDR and MailMarshal Purchases Now Count Towards Your Microsoft Azure Consumption Commitment MACC 2025-07-07 at 16:04 By Trustwave has significantly enhanced its Microsoft Azure Marketplace offering with the addition of three security solutions that will help clients meet their Microsoft Azure Consumption Commitment (MACC). This article is an excerpt from
July 2025 Patch Tuesday forecast: Take a break from the grind 2025-07-07 at 09:33 By Help Net Security There was a barrage of updates released the week of June 2025 Patch Tuesday. This included security updates from Adobe, Google, Microsoft, Mozilla, and others. But it has been ‘calm’ the past couple of weeks. The news
July 2025 Patch Tuesday forecast: Take a break from the grind Read More »
AI built it, but can you trust it? 2025-07-07 at 09:02 By Mirko Zorz In this Help Net Security interview, John Morello, CTO at Minimus, discusses the security risks in AI-driven development, where many dependencies are pulled in quickly. He explains why it’s hard to secure software stacks that no one fully understands. He also
AI built it, but can you trust it? Read More »
Aegis Authenticator: Free, open-source 2FA app for Android 2025-07-07 at 08:34 By Help Net Security Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to back up your data. It supports both HOTP and TOTP, so it
Aegis Authenticator: Free, open-source 2FA app for Android Read More »
Review: Attack Surface Management 2025-07-07 at 08:04 By Mirko Zorz Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that aims to change that. About the authors Ron Eddings is the Executive Producer at Hacker
Review: Attack Surface Management Read More »
New technique detects tampering or forgery of a PDF document 2025-07-07 at 07:37 By Sinisa Markovic Researchers from the University of Pretoria presented a new technique for detecting tampering in PDF documents by analyzing the file’s page objects. The technique employs a prototype that can detect changes to a PDF document, such as changes made
New technique detects tampering or forgery of a PDF document Read More »
Cloud security maintains its position as top spending priority 2025-07-07 at 07:04 By Help Net Security While most enterprises have integrated cloud resources into their operations, many need to improve their ability to secure these environments and the data they contain, according to Thales. Cloud security challenges go beyond technology The variability of controls across
Cloud security maintains its position as top spending priority Read More »
Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome 2025-07-06 at 11:09 By Help Net Security Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t recently updated the Sudo utility on your Linux
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner 2025-07-04 at 15:34 By Nikita Kazymirskyi On July 3, 2025, Qantas confirmed in an update statement that a cyber incident had compromised data from one of its contact centers, following the detection of suspicious activity on June 30. The breach didn’t strike at the heart
The Breach Beyond the Runway: Cybercriminals Targeted Qantas Through a Trusted Partner Read More »
NTLM relay attacks are back from the dead 2025-07-04 at 09:32 By Help Net Security NTLM relay attacks are the easiest way for an attacker to compromise domain-joined hosts. While many security practitioners think NTLM relay is a solved problem, it is not – and, in fact, it may be getting worse. Anecdotally, they are
NTLM relay attacks are back from the dead Read More »