Help Net Security
Cyber insurance 2.0: The systemic changes required for future security
Digitalization has evolved into a systemic risk for organizations – and, therefore, cyber insurers. With the global cost of cybercrime skyrocketing, something has to change. …
Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET …
Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Faulty CrowdStrike update takes out Windows machines worldwide Hundreds of …
GenAI network acceleration requires prior WAN optimization
As GenAI models used for natural language processing, image generation, and other complex tasks often rely on large datasets that must be transmitted between distributed …
One-third of dev professionals unfamiliar with secure coding practices
Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux …
CISOs must shift from tactical defense to strategic leadership
Cyber threats are advancing quickly in size and sophistication, largely because of the rapid evolution of technology, increasing sophistication of cyber attackers, and the …
New infosec products of the week: July 19, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AuditBoard, BlueVoyant, Druva, Invicti Security, and Rezonate. AuditBoard’s …
eBook: How CISSP turns career goals into reality
CISSP carries clout. As the world’s leading cybersecurity certification, it opens many professional opportunities worldwide. Find out what led 14 successful CISSPs around the …
Fighting AI-powered synthetic ID fraud with AI
Aided by the emergence of generative artificial intelligence models, synthetic identity fraud has skyrocketed, and now accounts for a staggering 85% of all identity fraud …
Grype: Open-source vulnerability scanner for container images, filesystems
Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software Bill of Materials (SBOM) …
Signatures should become cloud security history
It’s becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges. In this Help Net Security video, …
Most GitHub Actions workflows are insecure in some way
Most GitHub Actions are susceptible to exploitation; they are overly privileged or have risky dependencies, according to Legit Security. GitHub Actions security flaws pose …
Featured news
Resources
Don't miss
- Building a healthcare cybersecurity strategy that works
- AI-generated images have a problem of credibility, not creativity
- The five-minute guide to OT cyber resilience
- Another remotely exploitable Oracle EBS vulnerability requires your attention (CVE-2025-61884)
- Apple offers $2 million for zero-click exploit chains