The unseen side of malware and how to find it 2025-09-19 at 08:31 By Anamarija Pogorelec Security teams rely on threat reports to understand what’s out there and to keep their organizations safe. But a new report shows that these reports might only reveal part of the story. Hidden malware variants are quietly slipping past […]
React to this headline:
The unseen side of malware and how to find it Read More »
The top CTEM platforms you should know in 2025 2025-08-14 at 08:02 By Help Net Security Continuous Threat Exposure Management (CTEM) is a modern cybersecurity strategy originally coined by Gartner analysts, which focuses on identifying, prioritizing, validating, and mobilizing teams to reduce threat exposure across an organization’s full attack surface. It’s in a category of
React to this headline:
The top CTEM platforms you should know in 2025 Read More »
Why 90% of cyber leaders are feeling the heat 2025-08-06 at 08:02 By Anamarija Pogorelec 90% of cyber leaders find managing cyber risks harder today than five years ago, mainly due to the explosion of AI and expanding attack surfaces, according to BitSight. These threats are also fueling high rates of burnout, with 47% of
React to this headline:
Why 90% of cyber leaders are feeling the heat Read More »
Tired of gaps in your security? These open-source tools can help 2025-07-17 at 07:42 By Anamarija Pogorelec When it comes to spotting threats, security teams need tools that can pull data from all over and make it easier to analyze. In this article, we’ll take a look at some popular open-source tools that help with
React to this headline:
Tired of gaps in your security? These open-source tools can help Read More »
Industrial security is on shaky ground and leaders need to pay attention 2025-07-03 at 07:07 By Help Net Security 44% of industrial organizations claim to have strong real-time cyber visibility, but nearly 60% have low to no confidence in their OT and IoT threat detection capabilities, according to Forescout. How confident are you in your
React to this headline:
Industrial security is on shaky ground and leaders need to pay attention Read More »
Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques 2025-06-09 at 07:32 By Help Net Security Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality, but plenty of room for improvement remains, according to CardinalOps. MITRE ATT&CK enhances SOC
React to this headline:
Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques Read More »
Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit 2025-05-21 at 12:49 By SecurityWeek News SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st. The post Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit appeared first on SecurityWeek. This article is an
React to this headline:
Virtual Event Today: Threat Detection & Incident Response (TDIR) Summit Read More »
Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit 2025-05-20 at 15:39 By SecurityWeek News SecurityWeek’s 2025 Threat Detection & Incident Response (TDIR) Summit takes place as a virtual summit on Wednesday, May 21st. The post Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit appeared first on SecurityWeek. This article is an
React to this headline:
Event Preview: 2025 Threat Detection & Incident Response (Virtual) Summit Read More »
PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static
React to this headline:
PRevent: Open-source tool to detect malicious code in pull requests Read More »
Strengthening security posture with comprehensive cybersecurity assessments 2024-12-10 at 07:04 By Mirko Zorz In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI and automation, and strategies for aligning assessments with organizational needs. The post Strengthening security posture with
React to this headline:
Strengthening security posture with comprehensive cybersecurity assessments Read More »
5 reasons to double down on network security 2024-12-02 at 07:33 By Help Net Security Cybersecurity programs have evolved significantly over the past few decades. The advent of cloud computing shattered the conventional corporate perimeter, forcing organizations to update their defense strategies. Today, with the rise of work-from-anywhere and bring-your-own-device (BYOD) policies as well as
React to this headline:
5 reasons to double down on network security Read More »
Google launches on-device AI to alert Android users of scam calls in real-time 2024-11-14 at 15:04 By Anamarija Pogorelec Google has announced new security features for Android that provide real-time protection against scams and harmful apps. These features, powered by advanced on-device AI, enhance user safety without compromising privacy. These new security features are available
React to this headline:
Google launches on-device AI to alert Android users of scam calls in real-time Read More »
Why cyber tools fail SOC teams 2024-10-31 at 06:34 By Help Net Security A recent Vectra AI report highlights a growing distrust of threat detection tools. 47% of respondents note they do not trust their tools to work the way they need them to. Moreover, 60% of SOC practitioners say security vendors flood them with
React to this headline:
Why cyber tools fail SOC teams Read More »
Enhancing national security: The four pillars of the National Framework for Action 2024-10-24 at 07:33 By Mirko Zorz In this Help Net Security interview, John Cohen, Executive Director, Program for Countering Hybrid Threats at the Center for Internet Security, discusses the four pillars of the National Framework for Action, emphasizing how these measures can combat
React to this headline:
Enhancing national security: The four pillars of the National Framework for Action Read More »
Attackers deploying red teaming tool for EDR evasion 2024-10-15 at 17:16 By Zeljka Zorz Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The software, which is intended for red teaming, is being abused to “silence” EDR solutions. It works by leveraging
React to this headline:
Attackers deploying red teaming tool for EDR evasion Read More »
Suricata: Open-source network analysis and threat detection 2024-10-02 at 07:31 By Help Net Security Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files
React to this headline:
Suricata: Open-source network analysis and threat detection Read More »
AI use: 3 essential questions every CISO must ask 2024-09-26 at 07:32 By Help Net Security In July, Wall Street experienced its worst day since 2022, with the tech-focused Nasdaq falling by 3.6%. The downturn was largely triggered by what commentators suggest is the result of underwhelming earnings from some major tech companies. What’s notable
React to this headline:
AI use: 3 essential questions every CISO must ask Read More »
Organizations are making email more secure, and it’s paying off 2024-09-25 at 06:01 By Help Net Security Compromised identities have been a central component of countless costly breaches this year, according to Red Canary. Rise in identity and cloud-native attacks While most of the threats and techniques identified in the 2024 report remain consistent with
React to this headline:
Organizations are making email more secure, and it’s paying off Read More »
How to make Infrastructure as Code secure by default 2024-09-13 at 07:46 By Help Net Security Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC
React to this headline:
How to make Infrastructure as Code secure by default Read More »
NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? 2024-08-09 at 08:02 By Help Net Security The Network and Information Security (NIS) 2 Directive is possibly one of the most significant pieces of cybersecurity regulation to ever hit Europe. The 27 EU Member States have until 17 October 2024 to adopt and publish
React to this headline:
NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise? Read More »