Help Net Security
CIS Controls v8: Safeguards to mitigate the most prevalent cyber-attacks
The CIS Critical Security Controls (CIS Controls) are a prioritized set of safeguards to mitigate cyber-attacks against systems and networks. They are mapped to and referenced …
Average company with data in the cloud faces $28 million in data-breach risk
Hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations — such as admin accounts without multi-factor authentication (MFA) — have left a dangerous …
When transparency is also obscurity: The conundrum that is open-source security
Open-source software (OSS) has a lot of advocates. After all, why would we continuously try and write code that solves problems that others have already solved? Why not share …
Why digital trust is the bedrock of business relationships
In this Help Net Security video, David Samuelson, CEO at ISACA, talks about how enterprises approach digital trust. While nearly 98% of respondents to an ISACA survey say that …
What should investing in cybersecurity look like for a technology organization?
To withstand cyberattacks, businesses must continually update internal systems and avoid hasty tech upgrades that might open the door to attackers. In this Help Net Security …
Is mandatory password expiration helping or hurting your password security?
For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and …
Incident responders increasingly seek out mental health assistance
Incident responders are primarily driven by a strong sense of duty to protect others. This responsibility that’s increasingly challenged by the surge of disruptive attacks, …
HTTP request smuggling vulnerability in Node.js (CVE-2022-35256)
In this Help Net Security video, Austin Jones, Principal Software Engineer at ThreatX, explains what HTTP request smuggling is, and discusses a recently uncovered HTTP request …
Financial crises boost fraud rates, making online consumers more cautious
59% of consumers are more concerned about becoming a victim of fraud now than they were in 2021, according to a research released by Paysafe. This Help Net Security video …
Researchers outline the Lazarus APT offensive toolset
ESET researchers uncovered and analyzed a set of malicious tools that were used by the Lazarus APT group in attacks during the end of 2021. The campaign started with spear …
Detecting fileless malware infections is becoming easier
For some analysts, memory analysis is only an optional step in cybersecurity investigations. Their reasons are simple. One: Handling memory and volatile data is a complex …
The impact of DevSecOps practices on software development
A trending practice for application security, DevSecOps includes integrating security early in the software development life cycle (SDLC) and enables the delivery of reliable …
Featured news
Resources
Don't miss
- The tech that turns supply chains from brittle to unbreakable
- Strix: Open-source AI agents for penetration testing
- Product showcase: SecAlerts – Relevant, actionable, up-to-the-minute vulnerability alerts
- The year ahead in cyber: What’s next for cybersecurity in 2026
- Chinese cyber spies used Claude AI to automate 90% of their attack campaign, Anthropic claims