Help Net Security
Diversifying cyber teams to tackle complex threats
Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims …
73% of security pros use unauthorized SaaS applications
73% of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year, according to Next DLP. Unauthorized tool …
GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure …
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS (CVE-2024-3596), leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. …
Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella
Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with …
Shadow engineering exposed: Addressing the risks of unauthorized engineering practices
Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff …
Monocle: Open-source LLM for binary analysis search
Monocle is open-source tooling backed by a large language model (LLM) for performing natural language searches against compiled target binaries. Monocle can be provided with a …
Organizations change recruitment strategies to find cyber talent
An estimated 4 million professionals are needed to fill the growing cybersecurity workforce gap, according to Fortinet. At the same time, Fortinet’s 2024 Global …
Week in review: A need for a DDoS response plan, human oversight in AI-enhanced software development
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 4 key steps to building an incident response plan In this Help Net Security …
Infostealing malware masquerading as generative AI tools
Over the past six months, there has been a notable surge in Android financial threats – malware targeting victims’ mobile banking funds, whether in the form of …
99% of IoT exploitation attempts rely on previously known CVEs
The explosion of Internet of Things (IoT) devices has brought about a wide range of security and privacy challenges, according to Bitdefender and NETGEAR. The report is based …
47% of corporate data stored in the cloud is sensitive
As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyberattacks, with SaaS applications …
Featured news
Resources
Don't miss
- AI is changing cybersecurity roles, and entry-level jobs are at risk
- From cleaners to creepers: The risk of mobile privilege escalation
- Researchers unearth keyloggers on Outlook login pages
- Hackers love events. Why aren’t more CISOs paying attention?
- Before scaling GenAI, map your LLM usage and risk zones