Help Net Security
After a hack many firms still say nothing, and that’s a problem
Attackers are more inclined to “log in rather than break in,” using stolen credentials, legitimate tools, and native access to stealthily blend into their …
We know GenAI is risky, so why aren’t we fixing its flaws?
Even though GenAI threats are a top concern for both security teams and leadership, the current level of testing and remediation for LLM and AI-powered applications isn’t …
Breaking the cycle of attack playbook reuse
Threat actors have learned an old business trick: find what works, and repeat it. Across countless cyberattacks, Bitdefender has observed adversaries consistently applying the …
Kanister: Open-source data protection workflow management tool
Kanister is an open-source tool that lets domain experts define how to manage application data using blueprints that are easy to share and update. It handles the complex parts …
Most AI and SaaS apps are outside IT’s control
60% of enterprise SaaS and AI applications operate outside IT’s visibility, according to CloudEagle.ai. This surge in invisible IT is fueling a crisis in AI identity …
Why the SOC needs its “Moneyball” moment
In the classic book and later Brad Pitt movie Moneyball, the Oakland A’s didn’t beat baseball’s giants by spending more – they won by thinking differently, scouting …
Companies negotiate their way to lower ransom payments
Nearly 50% of companies paid the ransom to recover their data, the second-highest rate in six years, according to Sophos. How actual payments stack up with the initial demand …
Users lack control as major AI platforms share personal info with third parties
Some of the most popular generative AI and large language model (LLM) platforms, from companies like Meta, Google, and Microsoft, are collecting sensitive data and sharing it …
Reconmap: Open-source vulnerability assessment, pentesting management platform
Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from start to …
The real story behind cloud repatriation in 2025
In this Help Net Security video, Mark Wilson, Technology and Innovation Director at Node4, shares key insights from the company’s 2025 mid-market report. He explores the …
Medical device cyberattacks push hospitals into crisis mode
22% of healthcare organizations have experienced cyberattacks that directly impacted medical devices, according to RunSafe Security. Three-quarters of these incidents …
Week in review: Keyloggers found on Outlook login pages, police shut down dark web drug market
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Researchers unearth keyloggers on Outlook login pages Unknown threat actors …