Help Net Security
Ukrainian hacker gets prison for infostealer operations
Ukrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he …
Are threat feeds masking your biggest security blind spot?
Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those …
CISO accountability: Navigating a landscape of responsibility
What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire …
Vanir: Open-source security patch validation for Android
Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch …
Consumers wrongly attribute all data breaches to cybercriminals
Breaches in 2024 had less impact on consumers’ trust in brands compared to the previous year (a 6.5% decrease from 62% in 2023 to 58% in 2024), according to a recent Vercara …
Kali Linux 2024.4 released! 14 new shiny tools added
Kali Linux 2024.4 includes a broad set of updates and changes. The summary of the changelog since the 2024.3 release from September: Python 3.12 – New default Python …
The shifting security landscape: 2025 predictions and challenges
As the borderless threat ecosystem poses new challenges for companies and governments worldwide, CISA’s 2025-2026 International Plan aims to address this problem. CISA’s …
With DORA approaching, financial institutions must strengthen their cyber resilience
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation …
Overlooking platform security weakens long-term cybersecurity posture
Platform security – securing the hardware and firmware of PCs, laptops and printers – is often overlooked, weakening cybersecurity posture for years to come, according to HP. …
Week in review: Microsoft fixes exploited 0-day, top cybersecurity books for your holiday gift list
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes exploited zero-day (CVE-2024-49138) On December 2024 Patch …
FuzzyAI: Open-source tool for automated LLM fuzzing
FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and …
CISOs need to consider the personal risks associated with their role
70% of cybersecurity leaders felt that stories of CISOs being held personally liable for cybersecurity incidents have negatively affected their opinion of the role, according …
Featured news
Resources
Don't miss
- Hanko: Open-source authentication and user management
- Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
- Deepfake attacks could cost you more than money
- Coinbase suffers data breach, gets extorted (but won’t pay)