Help Net Security

Most SaaS adopters exposed to browser-borne attacks
Even though the adoption of SaaS apps started more than ten years ago, CISOs are still finding it challenging to tackle the accumulated security debt. Significant deficiencies …

Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos. The data, analyzed from more than 150 Sophos Incident Response (IR) cases, …

AI tools help attackers develop sophisticated phishing campaigns
Phishing scams are a growing threat, and cybercriminals’ methods are becoming increasingly sophisticated, making them harder to detect and block, according to Zscaler report. …

The silent killers in digital healthcare
As digital transformation revolutionizes the healthcare industry, its use of API (application programming interfaces) technology is skyrocketing. APIs, which help users and …

Securing the rapidly developing edge ecosystem
In this Help Net Security video interview, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, discusses the 12th annual Cybersecurity Insights Report, …

Rethinking the effectiveness of current authentication initiatives
As user credentials continue to be a top vector for cyberattacks, organizations are under tremendous pressure to rethink the effectiveness of current authentication …

The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …

Organizations are stepping up their game against cyber threats
Global median dwell time drops to just over two weeks, reflecting the essential role partnerships and the exchange of information play in building a more resilient …

How product security reached maturity
Product security has been driving major changes throughout the automotive, medical, and industrial sectors. However, just a few short years ago, it was a term few knew and …

Unlocking the passwordless era
Although interest in passwordless technology, which aims to eliminate the need for passwords, is relatively low, 65% of consumers are receptive to using new technology that …

A third-party’s perspective on third-party InfoSec risk management
More than ever, organizations are relying on third parties to streamline operations, scale their business, expand and leverage expertise, and reduce costs. In the complex and …

How CISOs navigate security and compliance in a multi-cloud world
Due to the increasing importance of multi-cloud and the intricate nature of cloud infrastructure, obtaining a comprehensive understanding of the various cloud workloads …
Featured news
Resources
Don't miss
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
- Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
- Digital welfare fraud: ALTSRUS syndicate exploits the financially vulnerable
- Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
- Autorize: Burp Suite extension for automatic authorization enforcement detection