The C-suite gap that’s putting your company at risk 2025-04-22 at 08:03 By Help Net Security New research from EY US shows that cyber attacks are creating serious financial risks. C-suite leaders don’t always agree on how exposed their companies are or where the biggest threats come from. CISOs more concerned about cybersecurity (Source: EY […]
React to this headline:
The C-suite gap that’s putting your company at risk Read More »
Compliance weighs heavily on security and GRC teams 2025-04-22 at 07:24 By Help Net Security Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are
React to this headline:
Compliance weighs heavily on security and GRC teams Read More »
Cybercriminals blend AI and social engineering to bypass detection 2025-04-21 at 08:04 By Help Net Security Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says DirectDefense. Researchers analyzed thousands of alerts, mapping them to the MITRE ATT&CK framework,
React to this headline:
Cybercriminals blend AI and social engineering to bypass detection Read More »
Cyber threats now a daily reality for one in three businesses 2025-04-21 at 07:40 By Help Net Security Businesses are losing out on an average of $98.5 million a year as a consequence of cyber threats, fraud, regulatory hurdles and operational inefficiencies, according to research from FIS and Oxford Economics. The cost of disharmony is
React to this headline:
Cyber threats now a daily reality for one in three businesses Read More »
Why CISOs are watching the GenAI supply chain shift closely 2025-04-21 at 07:08 By Help Net Security In supply chain operations, GenAI is gaining traction. But according to Logility’s Supply Chain Horizons 2025 report, many security leaders remain uneasy about what that means for data protection, legacy tech, and trust in automation. The survey of
React to this headline:
Why CISOs are watching the GenAI supply chain shift closely Read More »
Widely available AI tools signal new era of malicious bot activity 2025-04-18 at 07:34 By Help Net Security Rise in accessible AI tools significantly lowered the barrier to entry for cyber attackers, enabling them to create and deploy malicious bots at scale, according to Thales. Automated bot traffic surpassed human-generated traffic for the first time
React to this headline:
Widely available AI tools signal new era of malicious bot activity Read More »
Microsoft vulnerabilities: What’s improved, what’s at risk 2025-04-17 at 08:02 By Help Net Security Microsoft reported a record 1,360 vulnerabilities in 2024, according to the latest BeyondTrust Microsoft Vulnerabilities Report. The volume marks an 11% increase from the previous record in 2022 and fits within a broader post-pandemic trend: more vulnerabilities, more products, and more
React to this headline:
Microsoft vulnerabilities: What’s improved, what’s at risk Read More »
Browser extensions make nearly every employee a potential attack vector 2025-04-16 at 07:12 By Help Net Security Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data 99% of enterprise users have at least one extension
React to this headline:
Browser extensions make nearly every employee a potential attack vector Read More »
94% of firms say pentesting is essential, but few are doing it right 2025-04-15 at 08:05 By Help Net Security Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest issues 94% of firms view pentesting
React to this headline:
94% of firms say pentesting is essential, but few are doing it right Read More »
Organizations can’t afford to be non-compliant 2025-04-14 at 07:01 By Help Net Security Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even data breaches
React to this headline:
Organizations can’t afford to be non-compliant Read More »
Ransomware groups push negotiations to new levels of uncertainty 2025-04-11 at 08:18 By Help Net Security Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average
React to this headline:
Ransomware groups push negotiations to new levels of uncertainty Read More »
iOS devices face twice the phishing attacks of Android 2025-04-11 at 07:06 By Help Net Security 2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for the onset of their attacks to steal credentials
React to this headline:
iOS devices face twice the phishing attacks of Android Read More »
Study Identifies 20 Most Vulnerable Connected Devices of 2025 2025-04-10 at 15:03 By Ionut Arghire Routers are the riskiest devices in enterprise networks as they contain the most critical vulnerabilities, a new Forescout report shows. The post Study Identifies 20 Most Vulnerable Connected Devices of 2025 appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Study Identifies 20 Most Vulnerable Connected Devices of 2025 Read More »
AI is challenging the geopolitical status quo 2025-04-09 at 07:06 By Help Net Security AI-powered cyberattacks are becoming powerful new weapons. Organizations need to act fast to close the gap between today’s defenses and tomorrow’s threats. These attacks are only going to grow. New data from Armis Labs shows that the threat of AI in
React to this headline:
AI is challenging the geopolitical status quo Read More »
Cyberattacks on water and power utilities threaten public safety 2025-04-08 at 07:33 By Help Net Security 62% of utility operators were targeted by cyberattacks in the past year, and of those, 80% were attacked multiple times, according to Semperis. 54% suffered permanent corruption or destruction of data and systems. (Source: Semperis) Utilities face rising cyber
React to this headline:
Cyberattacks on water and power utilities threaten public safety Read More »
Benefits from privacy investment are greater than the cost 2025-04-04 at 08:02 By Help Net Security Cisco released its 2025 Data Privacy Benchmark Study. The report looks at global trends in data privacy and how they affect businesses. The study gathered responses from 2,600 privacy and security experts in 12 countries. It highlights the need
React to this headline:
Benefits from privacy investment are greater than the cost Read More »
Cybercriminals exfiltrate data in just three days 2025-04-03 at 08:14 By Industry News In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the
React to this headline:
Cybercriminals exfiltrate data in just three days Read More »
Open-source malware doubles, data exfiltration attacks dominate 2025-04-03 at 07:02 By Help Net Security There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from
React to this headline:
Open-source malware doubles, data exfiltration attacks dominate Read More »
Only 1% of malicious emails that reach inboxes deliver malware 2025-04-02 at 07:04 By Help Net Security 99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common
React to this headline:
Only 1% of malicious emails that reach inboxes deliver malware Read More »
Only 2-5% of application security alerts require immediate action 2025-03-31 at 07:51 By Help Net Security The large volume of security alerts, many created by automated tools, is overwhelming security and development teams, according to the 2025 Application Security Benchmark report by Ox Security. The report is based on an analysis of over 101 million
React to this headline:
Only 2-5% of application security alerts require immediate action Read More »