Help Net Security
Strategic AI readiness for cybersecurity: From hype to reality
AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious …
Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques
MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive …
Browser extensions make nearly every employee a potential attack vector
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have …
Why shorter SSL/TLS certificate lifespans matter
Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve …
94% of firms say pentesting is essential, but few are doing it right
Organizations are fixing less than half of all exploitable vulnerabilities, with just 21% of GenAI app flaws being resolved, according to Cobalt. Big firms take longer to fix …
Chief Legal Officers step up in cybersecurity oversight
In this Help Net Security video, Jennifer Chen, Executive Director of the Association of Corporate Counsel (ACC) Foundation, discusses how globally, Chief Legal Officers …
Organizations can’t afford to be non-compliant
Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business …
Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) …
Ransomware groups push negotiations to new levels of uncertainty
Ransomware attacks increased by nearly 20% in 2024, and the severity rose by 13%, according to At-Bay. The blast radius of ransomware continues to grow as businesses impacted …
iOS devices face twice the phishing attacks of Android
2024 brought about countless new cybersecurity challenges including significant growth of the mobile threat landscape, according to Lookout. Threat actors, ranging from …
How to find out if your AI vendor is a security risk
One of the most pressing concerns with AI adoption is data leakage. Consider this: An employee logs into their favorite AI chatbot, pastes sensitive corporate data, and asks …
Enzoic AD Lite Password Audit Report
Enzoic for AD Lite Password Auditor is an innovative tool designed to integrate with an organization’s Active Directory environment seamlessly. Enzoic analyzed the 2024 AD …
Featured news
Resources
Don't miss
- What 35 years of privacy law say about the state of data protection
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades