Help Net Security
It’s time to embrace GDPR
The noise around the General Data Protection Regulation (GDPR) has been unavoidable, and for good reason. GDPR is coming into effect in a few short days (May 25 to be exact). …
Verifying data processing for privacy and GDPR
GDPR has been a topic of conversation in the security risk and management world since the regulatory action was proposed in 2012. Recent events have led to a greater interest …
High-level vulnerabilities discovered in 84% of Android shopping apps
More than 84% of the shopping apps have three or more high-level security vulnerabilities, according to a security assessment by Appknox and Seworks. A total of 274 …
America’s most cyber insecure cities exposed
Coronet researchers identified Las Vegas, Memphis and Charlotte as America’s most cyber insecure cities. “While big companies may have the budgets, personnel and …
Fighting ransomware with network segmentation as a path to resiliency
Recent cybersecurity events involving the use of ransomware (WannaCry and similar variants) represent the latest examples highlighting the need for organizations to not only …
The operations and economics of organized criminal email groups
Nine of the 10 captured organized criminal email groups operate out of Nigeria, they all leverage a multitude of attack methods, and business email compromise (BEC) is far …
The ethical and legal dilemmas of threat researchers
Threat intelligence is mainstreaming into a de-facto everyday tool of cyber-defense. But all that intelligence must be collected, analyzed, and prepared by someone. Enter …
Are you ready for the GDPR deadline?
The General Data Protection Regulation (GDPR) compliance deadline looms four days away, but only 29 percent of companies will be ready, according to a new global survey by …
Don’t let attackers worm their way in: Increase password security
Passwords are inherently the weakest form of authentication, yet they remain the most prevalent. Many organizations realize that moving beyond this single point of …
PCI Security Standards Council publishes PCI DSS 3.2.1
PCI DSS version 3.2.1 replaces version 3.2 to account for effective dates and SSL/early TLS migration deadlines that have passed. No new requirements are added in PCI DSS …
Week in review: Office 365 phishing threats, companies ditch data as GDPR approaches
Here’s an overview of some of last week’s most interesting news, podcasts and articles: How can Office 365 phishing threats be addressed? The frequency of phishing …
Internet of Things: Who is watching you?
An overwhelming number of IT security professionals (85%) see a cyberattack on critical infrastructure happening in the next five years. Pwnie Express CEO Todd DeSisto says …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)