Help Net Security
Week in review: QNAP NAS ransomware, threat modeling, the realities of working in cybersecurity
Here’s an overview of some of last week’s most interesting news, articles and interviews: Attackers can teach you to defend your organization against phishing Using the kill …
Shedding light on the threat posed by shadow admins
Few organizations would purposefully hand a huge responsibility to a junior staff member before letting them fly solo on their own personal projects, but that’s effectively …
APIs in the insurance industry: Accessing a growing world of data
The insurance industry is vast and varied. It can be found in nearly every country in the world, with the earliest references dating back as early as 1750 BC. Modern …
What is threat modeling and why should you care?
While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system …
Researchers develop program that helps assess encryption systems’ vulnerabilities
Anastasia Malashina, a doctoral student at HSE University, has proposed a new method to assess vulnerabilities in encryption systems, which is based on a brute-force search of …
Lack of visibility into IT assets impacting security priorities
Axonius released a report which reveals the extremes to which the pandemic escalated lack of visibility into IT assets and how that is impacting security priorities. According …
AI can alter geospatial data to create deepfake geography
A fire in Central Park seems to appear as a smoke plume and a line of flames in a satellite image. Colorful lights on Diwali night in India, seen from space, seem to show …
PKI market valuation to cross $7 billion by 2027
The market valuation of public key infrastructure will cross $7 billion by 2027, according to Global Market Insights. Rising digital interaction and reliance on digital …
MythBusters: What pentesting is (and what it is not)
You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …
The realities of working in and pursuing a career in cybersecurity
(ISC)² released a study which provides insights on how to successfully staff up a balanced and diverse cybersecurity team with a broad range of skills. Cybersecurity career …
Penetration testing leaving organizations with too many blind spots
While organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn’t accurately measure their overall security …
Middle market companies facing a record number of data breaches
Middle market companies possess a significant amount of valuable data but continue to lack appropriate levels of protective controls and staffing, according to a report from …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)