Help Net Security
Week in review: F5 BIG-IP RCE exploitation, URL spoofing flaws in Zoom, Google Docs
Here’s an overview of some of last week’s most interesting news, articles and interviews: Microsoft patches Windows LSA spoofing zero-day under active attack (CVE-2022-26925) …
A 10-point plan to improve the security of open source software
The Linux Foundation and the Open Source Software Security Foundation, with input provided by executives from 37 companies and many U.S. government leaders, delivered a …
The state of mental health in the cybersecurity community
A report from Tines revealed the state of mental health among cybersecurity professionals. The past few years have been particularly challenging. Remote work, talent shortage, …
The SaaS-to-SaaS supply chain is a wild, wild mess
Cloud migration and IT democratization have created a continuously growing network of interconnected business applications, integrated to digitize and automate business …
Why are DDoS attacks so easy to launch and so hard to defend against?
DDoS attacks are an underappreciated residual risk for most organizations today. While most people are concerned about ransomware, it typically takes a ransomware attacks …
Top tech for enterprise identity governance and security
Clear Skye and Gradient Flow announced the findings of their survey exploring the state of identity governance and security in the enterprise. The survey questioned 500+ …
63% of cybersecurity pros say their stress levels have risen over the past year
Tines has released the findings from a report to shine light on mental health in the cybersecurity community. The increased pressures of the past few years, remote work, the …
Secure your CMS-based websites against pervasive attacks
Sucuri Security’s 2021 Website Threat Research Report has revealed that payment card skimmers are becoming more common in exploit kits affecting WordPress websites, and …
Shrinking healthcare cybersecurity gaps between hospitals and manufacturers
The relationship between medical device manufacturers (MDMs) and healthcare delivery organizations (HDOs) has always been challenged by a lack of good communication, mostly to …
How to avoid headaches when publishing a CVE
You have discovered a vulnerability. Congratulations! So, what happens next? Finding a CVE (Common Vulnerabilities and Exposures) is the first step in a process which starts …
10 best practices to reduce the probability of a material breach
ThoughtLab announced the findings of its 2022 cybersecurity benchmarking study which analyzed the cybersecurity strategies and results of 1,200 large organizations across 14 …
Ransomware works fast, you need to be faster to counter it
Since the pandemic hit and organizations had to quickly adjust to widespread remote work and stand up hybrid environments, ransomware gangs have been having a field day. In …
Featured news
Resources
Don't miss
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)
- Deepfake attacks could cost you more than money
- Coinbase suffers data breach, gets extorted (but won’t pay)
- Samsung patches MagicINFO 9 Server vulnerability exploited by attackers
- Building cybersecurity culture in science-driven organizations