Help Net Security

Securing OTA with Harman International’s Michal Geva
The once far-off vision of remotely updating software without needing to bring it into a service center was initially designed for bug fixes and cybersecurity updates. Today, …

Access control in cloud-native applications in multi-location environments (NIST SP 800-207)
NIST released Special Publication (SP) 800-207A – “A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location …

Great security training is a real challenge
All employees need security training, yet it’s generally a resented afterthought. A variety of studies over years show that human error is generally felt to be the largest …

The critical role of authorization in safeguarding financial institutions
According to a recent Cost of Data Breach report, the financial industry has the second highest average cost for a data breach, making the value well worth financial …

Mobile Verification Toolkit: Forensic analysis of Android and iOS devices to identify compromise
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of …

Download: Ultimate guide to Certified in Cybersecurity
The ultimate guide covers everything you need to know about the entry-level Certified in Cybersecurity certification and how to get started with FREE training and exam through …

Serial cybersecurity founders get back in the game
“I didn’t really have a choice,” says Ben Bernstein, the former CEO and co-founder of Twistlock (acquired by Palo Alto Networks in 2019) and the CEO and co-founder of a new …

The rise and evolution of supply chain attacks
A supply chain attack is a cyberattack that focuses on a third-party supplier providing essential services or software to the supply chain. In this Help Net Security video, …

Latest fraud schemes targeting the payments ecosystem
Threat actors continued to exploit technical misconfigurations through various fraud schemes, according to a new report from Visa. These include the use of malvertising and …

Privacy concerns cast a shadow on AI’s potential for software development
Organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training, according to GitLab. “The transformational …

17 free AWS cybersecurity courses you can take right now
Amazon Web Services (AWS) is the most extensive and widely-used cloud platform in the world, providing more than 200 services through global data centers. It serves millions …

Strategies for harmonizing DevSecOps and AI
The same digital automation tools that have revolutionized workflows for developers are creating an uphill battle regarding security. From data breaches and cyberattacks to …
Featured news
Resources
Don't miss
- Attackers exploited old flaws to breach SonicWall SMA appliances (CVE-2024-38475, CVE-2023-44221)
- New Microsoft accounts will be “passwordless by default”
- Why SMEs can no longer afford to ignore cyber risk
- Preparing for the next wave of machine identity growth
- Hottest cybersecurity open-source tools of the month: April 2025