Help Net Security

Love for sports could lead to poor password practices
33% of Americans have used a sports-related term in a password, according to Bitwarden. Those who have are twice as likely to have used one inspired by a professional sports …

Ransomware in 2024: Anticipated impact, targets, and landscape shift
As ransomware continues to be on the rise, we can expect groups to continue to evolve their attacks and operate at a larger scale for bigger profits. This will put …

Using AI and automation to manage human cyber risk
Despite advanced security protocols, many cybersecurity incidents are still caused by employee actions. In this Help Net Security video, John Scott, Lead Cybersecurity …

OpenTofu: Open-source alternative to Terraform
OpenTofu is an open-source alternative to Terraform’s widely used Infrastructure as Code provisioning tool. Previously named OpenTF, OpenTofu is an open and …

Third-party breaches shake the foundations of the energy sector
90% of the world’s largest energy companies experienced a third-party breach in the past 12 months, according to SecurityScorecard. Powering the global economy and everyday …

Product showcase: Apiiro unifies AppSec and SSCS in a deep ASPM
With the rapidly evolving threat landscape and complexity of interconnected applications, identifying real, business-critical application risks is more challenging than ever. …

21 high-risk vulnerabilities in OT/IoT routers found
Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements. The “SIERRA:21 – Living on the Edge” report features research …

Three security data predictions for 2024
How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s …

5 open-source tools for pentesting Kubernetes you should check out
Kubernetes, often called K8s, is an open-source platform designed to automate the deployment, scaling, and operations of containerized applications. Kubernetes has become a …

Why zero-trust segmentation is critical for cloud resilience
Nearly all organizations rely on the cloud to store sensitive data and run critical systems. But for many, cloud security hasn’t kept up. 93% agree that zero-trust …

Businesses gain upper hand with GenAI integration
Firms that actively harness generative AI to enhance experiences, offerings, and productivity will realize outsized growth and will outpace their competition, according to …

How AI is revolutionizing “shift left” testing in API security
Catching coding errors in API preproduction, before they are spun up and go live is critical in preventing exploitable vulnerabilities. It’s why we’ve seen “shift left” become …