Help Net Security
Social engineering attacks anybody could fall victim to
Social engineering – also known as human hacking – is an expression that encompasses a number of methods and vectors attackers use to manipulate targets into …
Shadowserver: Get free access to timely, critical Internet security data
The Shadowserver Foundation fulfills a unique role in the cybersecurity ecosystem by supplying vital security information to Internet defenders and law enforcement at no cost. …
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
cert-manager adds certificates and certificate issuers as resource types in Kubernetes clusters and simplifies the process of obtaining, renewing, and using those …
Consumer behaviors are the root of open source risk
Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …
Week in review: CISA releases RedEye, Apache Commons Text flaw, Medibank data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Medibank hack turned into a data breach: The attackers are demanding money …
Data visualization: An invaluable tool in a defender’s arsenal
Visibility is always a priority, but it’s vital when responding to an incident. Time is always working against incident responders. Looking through rows of text data and …
How supply chain threats will evolve in 2023
Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen …
How phishing campaigns abuse Google Ad click tracking redirects
PhishLabs by HelpSystems has identified attackers leveraging a weakness in Google’s ad service to carry out phishing campaigns on financial institutions. In this Help Net …
The companies most likely to lose your data
Web companies are most likely to lose your data, a study shows. The study, conducted by VPN Overview, analysed major data breaches that have been registered since 2004 to …
(ISC)² to aid cybersecurity professional development in emerging economies
(ISC)² has signed a Memorandum of Understanding (MOU) with the Korea Internet & Security Agency (KISA) to strenghten cybersecurity professional development in emerging …
Why chasing risk assessments will have you chasing your tail
Third-party risk assessments are often described as time-consuming, repetitive, overwhelming, and outdated. Think about it: organizations, on average, have over 5,000 third …
Product showcase: ImmuniWeb Discovery – attack surface management with dark web monitoring
Organizations around the globe struggle to identify their IT assets hosted in a multicloud environment, on premise or managed by numerous third parties. The lack of visibility …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)