Help Net Security

Industrial security is on shaky ground and leaders need to pay attention
44% of industrial organizations claim to have strong real-time cyber visibility, but nearly 60% have low to no confidence in their OT and IoT threat detection capabilities, …

GenAI is everywhere, but security policies haven’t caught up
Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of …

How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
This article shares initial findings from internal Bitdefender Labs research into Living off the Land (LOTL) techniques. Our team at Bitdefender Labs, comprised of hundreds of …

How exposure-enriched SOC data can cut cyberattacks in half by 2028
Gartner projects that by 2028, organizations enriching their Security Operations Center (SOC) data with exposure insights will reduce the frequency and impact of cyberattacks …

Why AI agents could be the next insider threat
In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and …

Third-party breaches double, creating ripple effects across industries
Supply chain risks remain top-of-mind for the vast majority of CISOs and cybersecurity leaders, according to SecurityScorecard. Their findings reveal that the way most …

Week in review: Backdoor found in SOHO devices running Linux, high-risk WinRAR RCE flaw patched
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Stealthy backdoor found hiding in SOHO devices running Linux …

After a hack many firms still say nothing, and that’s a problem
Attackers are more inclined to “log in rather than break in,” using stolen credentials, legitimate tools, and native access to stealthily blend into their …

We know GenAI is risky, so why aren’t we fixing its flaws?
Even though GenAI threats are a top concern for both security teams and leadership, the current level of testing and remediation for LLM and AI-powered applications isn’t …

Breaking the cycle of attack playbook reuse
Threat actors have learned an old business trick: find what works, and repeat it. Across countless cyberattacks, Bitdefender has observed adversaries consistently applying the …

Kanister: Open-source data protection workflow management tool
Kanister is an open-source tool that lets domain experts define how to manage application data using blueprints that are easy to share and update. It handles the complex parts …

Most AI and SaaS apps are outside IT’s control
60% of enterprise SaaS and AI applications operate outside IT’s visibility, according to CloudEagle.ai. This surge in invisible IT is fueling a crisis in AI identity …
Featured news
Resources
Don't miss
- August 2025 Patch Tuesday forecast: Try, try again
- Third-party partners or ticking time bombs?
- What GPT‑5 means for IT teams, devs, and the future of AI at work
- Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
- SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls