One in three security teams trust AI to act autonomously 2025-04-24 at 07:39 By Help Net Security While AI adoption is widespread, its impact on productivity, trust, and team structure varies sharply by role and region, according to Exabeam. The findings confirm a critical divide: 71% of executives believe AI has significantly improved productivity across […]
One in three security teams trust AI to act autonomously Read More »
2025 Data Breach Investigations Report: Third-party breaches double 2025-04-23 at 14:55 By Sinisa Markovic The exploitation of vulnerabilities has seen another year of growth as an initial access vector for breaches, reaching 20%, according to Verizon’s 2025 Data Breach Investigations Report. Researchers analyzed 22,052 real-world security incidents, of which 12,195 were confirmed data breaches. This
2025 Data Breach Investigations Report: Third-party breaches double Read More »
Phishing emails delivering infostealers surge 84% 2025-04-23 at 07:31 By Help Net Security Cybercriminals continued to shift to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined, according to IBM. Researchers observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied
Phishing emails delivering infostealers surge 84% Read More »
54% of tech hiring managers expect layoffs in 2025 2025-04-22 at 18:22 By Help Net Security 54% of tech hiring managers say their companies are likely to conduct layoffs within the next year, and 45% say employees whose roles can be replaced by AI are most likely to be let go, according to a new
54% of tech hiring managers expect layoffs in 2025 Read More »
The C-suite gap that’s putting your company at risk 2025-04-22 at 08:03 By Help Net Security New research from EY US shows that cyber attacks are creating serious financial risks. C-suite leaders don’t always agree on how exposed their companies are or where the biggest threats come from. CISOs more concerned about cybersecurity (Source: EY
The C-suite gap that’s putting your company at risk Read More »
Compliance weighs heavily on security and GRC teams 2025-04-22 at 07:24 By Help Net Security Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are
Compliance weighs heavily on security and GRC teams Read More »
Cybercriminals blend AI and social engineering to bypass detection 2025-04-21 at 08:04 By Help Net Security Attackers are focusing more on stealing identities. Because of this, companies need to use zero trust principles. They should also verify user identities more carefully, says DirectDefense. Researchers analyzed thousands of alerts, mapping them to the MITRE ATT&CK framework,
Cybercriminals blend AI and social engineering to bypass detection Read More »
Cyber threats now a daily reality for one in three businesses 2025-04-21 at 07:40 By Help Net Security Businesses are losing out on an average of $98.5 million a year as a consequence of cyber threats, fraud, regulatory hurdles and operational inefficiencies, according to research from FIS and Oxford Economics. The cost of disharmony is
Cyber threats now a daily reality for one in three businesses Read More »
Widely available AI tools signal new era of malicious bot activity 2025-04-18 at 07:34 By Help Net Security Rise in accessible AI tools significantly lowered the barrier to entry for cyber attackers, enabling them to create and deploy malicious bots at scale, according to Thales. Automated bot traffic surpassed human-generated traffic for the first time
Widely available AI tools signal new era of malicious bot activity Read More »
Browser extensions make nearly every employee a potential attack vector 2025-04-16 at 07:12 By Help Net Security Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data 99% of enterprise users have at least one extension
Browser extensions make nearly every employee a potential attack vector Read More »
94% of firms say pentesting is essential, but few are doing it right 2025-04-15 at 08:05 By Help Net Security Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix pentest issues 94% of firms view pentesting
94% of firms say pentesting is essential, but few are doing it right Read More »
Organizations can’t afford to be non-compliant 2025-04-14 at 07:01 By Help Net Security Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even data breaches
Organizations can’t afford to be non-compliant Read More »
Ransomware groups push negotiations to new levels of uncertainty 2025-04-11 at 08:18 By Help Net Security Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted by attacks on vendors and partners increased 43%, while the average
Ransomware groups push negotiations to new levels of uncertainty Read More »
iOS devices face twice the phishing attacks of Android 2025-04-11 at 07:06 By Help Net Security 2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from nation-states to individuals, are increasingly targeting mobile devices for the onset of their attacks to steal credentials
iOS devices face twice the phishing attacks of Android Read More »
Cybercriminals exfiltrate data in just three days 2025-04-03 at 08:14 By Industry News In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the
Cybercriminals exfiltrate data in just three days Read More »
Only 1% of malicious emails that reach inboxes deliver malware 2025-04-02 at 07:04 By Help Net Security 99% of email threats reaching corporate user inboxes in 2024 were response-based social engineering attacks or contained phishing links, according to Fortra. Only 1% of malicious emails that reached user inboxes delivered malware. This shows that while common
Only 1% of malicious emails that reach inboxes deliver malware Read More »
Only 2-5% of application security alerts require immediate action 2025-03-31 at 07:51 By Help Net Security The large volume of security alerts, many created by automated tools, is overwhelming security and development teams, according to the 2025 Application Security Benchmark report by Ox Security. The report is based on an analysis of over 101 million
Only 2-5% of application security alerts require immediate action Read More »
GenAI turning employees into unintentional insider threats 2025-03-31 at 07:03 By Help Net Security The amount of data being shared by businesses with GenAI apps has exploded, increasing 30x in one year, according to Netskope. The average organization now shares more than 7.7GB of data with AI tools per month, a massive jump from just
GenAI turning employees into unintentional insider threats Read More »
Healthcare’s alarming cybersecurity reality 2025-03-28 at 07:35 By Help Net Security 89% of healthcare organizations have the top 1% of riskiest Internet of Medical Things (IoMT) devices – which contain known exploitable vulnerabilities (KEVs) linked to active ransomware campaigns as well as an insecure connection to the internet – on their networks, according to Claroty.
Healthcare’s alarming cybersecurity reality Read More »
Enterprises walk a tightrope between AI innovation and security 2025-03-24 at 08:02 By Help Net Security AI/ML tool usage surged globally in 2024, with enterprises integrating AI into operations and employees embedding it in daily workflows, according to Zscaler. The report reveals a 3,000+% year-over-year growth in enterprise use of AI/ML tools, highlighting the rapid
Enterprises walk a tightrope between AI innovation and security Read More »