May 2024
MITRE EMB3D improves security for embedded devices
MITRE released EMB3D, a cybersecurity threat model for embedded devices. The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a …
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access …
Palo Alto Networks and Accenture help organizations accelerate AI adoption
Palo Alto Networks and Accenture announced an expansion of their long-standing strategic alliance. New offerings will combine Precision AI technology from Palo Alto Networks …
Red teaming: The key ingredient for responsible AI
Developing responsible AI isn’t a straightforward proposition. On one side, organizations are striving to stay at the forefront of technological advancement. On the other …
Establishing a security baseline for open source projects
In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) …
AI’s rapid growth puts pressure on CISOs to adapt to new security risks
The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix. …
How AI affects vulnerability management in open-source software
In this Help Net Security video, Itamar Sher, CEO of Seal Security, discusses how AI affects the risk and operational aspects of managing vulnerabilities in open-source …
Critical vulnerabilities take 4.5 months on average to remediate
Over a third of organizations had at least one known vulnerability in 2023, with nearly a quarter of those facing five or more, and 60% of vulnerabilities remained unaddressed …
Securing the future through cybersecurity education
In this Help Net Security round-up, we present excerpts from previously recorded videos in which security experts talk about the cybersecurity talent shortage and the role …
Download: The Ultimate Guide to the CISSP
The Ultimate Guide to the CISSP covers everything you need about the world’s premier cybersecurity leadership certification. Learn how CISSP and ISC2 will help you navigate …
Week in review: Veeam fixes RCE flaw in backup management platform, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) Veeam has …
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2024-4671)
Google has fixed a Chrome zero-day vulnerability (CVE-2024-4671), an exploit for which exists in the wild. About CVE-2024-4671 CVE-2024-4671 is a use after free vulnerability …
Featured news
Resources
Don't miss
- Attackers are exploiting critical SAP S/4HANA vulnerability (CVE-2025-42957)
- Stealthy attack serves poisoned web pages only to AI agents
- September 2025 Patch Tuesday forecast: The CVE matrix
- Google fixes actively exploited Android vulnerabilities (CVE-2025-48543, CVE-2025-38352)
- CyberFlex: Flexible Pen testing as a Service with EASM