tips

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity 2026-03-09 at 09:01 By Mirko Zorz Stu Hirst was already a CISO when he started to go deaf. It was 2023, and the hearing loss crept in over months, enough for him to adapt, to lean on hearing aids and captions, to quietly reorganize […]

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity Read More »

Why phishing still works today

Why phishing still works today 2026-03-06 at 08:30 By Help Net Security In this Help Net Security video, Gal Livschitz, Senior Penetration Tester at Terra Security, explains how phishing has evolved and why employees still fall for it. He outlines how phishing now uses HTTPS, branded pages, and lookalike domains, making attacks harder to spot.

Why phishing still works today Read More »

When cyber threats start thinking for themselves

When cyber threats start thinking for themselves 2026-03-02 at 07:30 By Help Net Security In this Help Net Security video, Jason Rivera, Field CISO & Head of Solution Engineering at SimSpace, discusses how autonomous AI agents are changing cyber threats. Drawing on experience in the US Army, NSA, Deloitte, and CrowdStrike, he describes how security

When cyber threats start thinking for themselves Read More »

Scattered Lapsus$ Hunters seeks women for vishing attacks

Scattered Lapsus$ Hunters seeks women for vishing attacks 2026-02-26 at 14:55 By Zeljka Zorz The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising

Scattered Lapsus$ Hunters seeks women for vishing attacks Read More »

The hidden cost of putting off security decisions

The hidden cost of putting off security decisions 2026-02-06 at 08:01 By Help Net Security In this Help Net Security video, Hanah Darley, Chief AI Officer, Geordie AI, talks about how putting off security risk decisions creates long-term costs that often stay hidden. Drawing on her work with CISOs and security leaders, she shows how

The hidden cost of putting off security decisions Read More »

Cybersecurity planning keeps moving toward whole-of-society models

Cybersecurity planning keeps moving toward whole-of-society models 2026-02-05 at 09:11 By Sinisa Markovic National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that environment, guidance circulating among policymakers outlines how national cybersecurity strategies increasingly tie together risk management, workforce planning, technology standards,

Cybersecurity planning keeps moving toward whole-of-society models Read More »

Why incident response breaks down when it matters most

Why incident response breaks down when it matters most 2026-02-04 at 07:45 By Help Net Security In this Help Net Security video, Jon David, Managing Director, NR Labs, discusses why incident response often breaks down during a breach. Drawing on years of experience watching real attackers operate across many industries, he walks through what tends

Why incident response breaks down when it matters most Read More »

ShinyHunters flip the script on MFA in new data theft attacks

ShinyHunters flip the script on MFA in new data theft attacks 2026-02-02 at 18:50 By Zeljka Zorz Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in ongoing social engineering attacks aimed at bypassing it. Among those successfully targeted in

ShinyHunters flip the script on MFA in new data theft attacks Read More »

Where NSA zero trust guidance aligns with enterprise reality

Where NSA zero trust guidance aligns with enterprise reality 2026-02-02 at 09:10 By Sinisa Markovic The NSA has published Phase One and Phase Two of its Zero Trust Implementation Guidelines, providing structured guidance for organizations working to implement zero trust cybersecurity practices. The documents are part of a larger series designed to support adoption of

Where NSA zero trust guidance aligns with enterprise reality Read More »

A practical take on cyber resilience for CISOs

A practical take on cyber resilience for CISOs 2026-01-29 at 08:06 By Help Net Security In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day

A practical take on cyber resilience for CISOs Read More »

A new framework helps banks sort urgent post-quantum crypto work from the rest

A new framework helps banks sort urgent post-quantum crypto work from the rest 2026-01-22 at 04:57 By Sinisa Markovic Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out a scoring framework that helps banks rank systems and business use cases

A new framework helps banks sort urgent post-quantum crypto work from the rest Read More »

The NSA lays out the first steps for zero trust adoption

The NSA lays out the first steps for zero trust adoption 2026-01-15 at 07:28 By Anamarija Pogorelec Security pros often say that zero trust sounds straightforward until they try to apply it across real systems, real users, and real data. Many organizations are still sorting out what they own, how access works, and where authority

The NSA lays out the first steps for zero trust adoption Read More »

Turning plain language into firewall rules

Turning plain language into firewall rules 2026-01-06 at 09:00 By Sinisa Markovic Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into vendor specific firewall syntax usually involves detailed knowledge of zones, objects, ports, and rule

Turning plain language into firewall rules Read More »

NIST issues guidance on securing smart speakers

NIST issues guidance on securing smart speakers 2025-12-22 at 07:02 By Sinisa Markovic Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal medical data, or connect a patient to an impostor. To reduce cybersecurity risks tied to this use,

NIST issues guidance on securing smart speakers Read More »

LLMs work better together in smart contract audits

LLMs work better together in smart contract audits 2025-12-19 at 08:42 By Sinisa Markovic Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models can spot more of those flaws when they work in coordinated groups instead of

LLMs work better together in smart contract audits Read More »

Microsoft 365 users targeted in device code phishing attacks

Microsoft 365 users targeted in device code phishing attacks 2025-12-18 at 16:12 By Zeljka Zorz Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method abuses Microsoft’s OAuth 2.0 device authorization grant flow by presenting users with device codes that, when

Microsoft 365 users targeted in device code phishing attacks Read More »

The soft underbelly of space isn’t in orbit, it’s on the ground

The soft underbelly of space isn’t in orbit, it’s on the ground 2025-12-18 at 09:08 By Mirko Zorz In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why stations remain a focal point for security efforts. He

The soft underbelly of space isn’t in orbit, it’s on the ground Read More »

Why vulnerability reports stall inside shared hosting companies

Why vulnerability reports stall inside shared hosting companies 2025-12-17 at 09:24 By Mirko Zorz Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what happens after those reports arrive and explains why remediation so often stops short. The research

Why vulnerability reports stall inside shared hosting companies Read More »

Social data puts user passwords at risk in unexpected ways

Social data puts user passwords at risk in unexpected ways 2025-11-28 at 09:08 By Anamarija Pogorelec Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal how much information can be reconstructed from public profiles and how

Social data puts user passwords at risk in unexpected ways Read More »

Heineken CISO champions a new risk mindset to unlock innovation

Heineken CISO champions a new risk mindset to unlock innovation 2025-11-26 at 09:16 By Mirko Zorz In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical overseers. She shares how connecting security to business impact can shift perceptions and

Heineken CISO champions a new risk mindset to unlock innovation Read More »

Scroll to Top