Help Net Security
The holy trifecta for developing a secure API
It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …
3 types of attack paths in Microsoft Active Directory environments
A common question we are asked by clients after deploying is, “Are attack paths in Active Directory this bad for everyone?” The answer is usually “Yes,” which doesn’t make …
A personal perspective on investing in cybersecurity
Cyber threats worldwide continue to escalate and drive continued innovation and investment in cybersecurity. Cyber budgets remain high, and how the cyber market continues to …
Wolfi Linux provides the control needed to fix modern supply chain threats
There’s been a massive push for supply chain security in the last few years: integrity protection, vulnerability management, and transparency. This push has left …
Businesses find remote work security risks less daunting than before
After two years of the pandemic, confidence in addressing certain security risks and threats arising from hybrid and remote work has improved among businesses and …
Scams targeting crypto enthusiasts are becoming increasingly common
Group-IB has noted a fivefold increase in the number of domains used for crypto giveaway scams that involve fake YouTube streams in the first half of 2022. This Help Net …
The various ways ransomware impacts your organization
Despite increased investment in tools to fight ransomware, 90% of organizations were affected by ransomware in some capacity over the past 12 months, according to …
Making a business case for security in a world of tightening budgets
With talk of a possible recession approaching (if one isn’t already upon us), many businesses are already applying a higher level of scrutiny to spending—even for …
The key differences between a business continuity plan and a disaster recovery plan
In this Help Net Security video, Chip Gibbons, CISO at Thrive, illustrates the differences between a business continuity plan and a disaster recovery plan. While these terms …
Open source projects under attack, with enterprises as the ultimate targets
Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the …
Why zero trust should be the foundation of your cybersecurity ecosystem
For cybersecurity professionals, it is a huge challenge to separate the “good guys” from the “villains”. In the past, most cyberattacks could simply be traced to external …
3 ways to gauge your company’s preparedness to recover from data loss
Use these three questions to assess your company’s preparedness to retrieve lost data. 1. Do you have backups of your data? This fundamental question is the basis of …