February 2024
Akira, LockBit actively searching for vulnerable Cisco ASA devices
Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. …
VikingCloud introduces CCS Advantage to boost PCI compliance program value
VikingCloud announced CCS Advantage, a self-service Payment Card Industry Data Security Standard (PCI DSS) compliance and cybersecurity program for Level 4 (L4) businesses. …
Kyndryl and Google Cloud expand partnership to develop responsible generative AI solutions
Kyndryl announced an expanded partnership with Google Cloud to develop responsible generative AI solutions and to accelerate adoption among customers. Kyndryl and Google Cloud …
10 tips for creating your security hackathon playbook
For more than 12 years, I’ve been organizing and running hackathons with the goal of finding security vulnerabilities and fixing them before a product hits the market. These …
Choosing the right partner when outsourcing cybersecurity
In this Help Net Security interview, Anya Shpilman, Senior Executive, Cyber Security Services at WDigital, discusses the benefits and potential risks of outsourcing …
SOAPHound: Open-source tool to collect Active Directory data via ADWS
SOAPHound is an open-source data collection tool capable of enumerating Active Directory environments through the Active Directory Web Services (ADWS) protocol. How SOAPHound …
How threat actors abuse OAuth apps
OAuth apps have become prominent in several attack groups’ TTPs in recent years. OAuth apps are used for every part of the attack process. In this Help Net Security …
As-a-Service tools empower criminals with limited tech skills
As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious …
Securiti AI enables organizations to safely use AI
Securiti AI released AI Security & Governance offering, providing a solution to enable safe adoption of AI. It combines comprehensive AI discovery, AI risk ratings, …
Chinese hackers breached Dutch Ministry of Defense
Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. …
Qualys TotalCloud 2.0 measures cyber risk in cloud and SaaS apps
Qualys unveiled TotalCloud 2.0. This significant upgrade to Qualys’ AI-powered cloud native application protection platform (CNAPP) delivers a single prioritized view of …
SolarWinds offers complete hybrid visibility across on-premises and cloud networks
SolarWinds announced enhancements to its SaaS-based and self-hosted, on-premises observability solutions built to monitor and observe complex, distributed environments from …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM