Help Net Security
Ransomware groups shift to quadruple extortion to maximize pressure
Threat actors are using a new quadruple extortion tactic in ransomware campaigns, while double extortion remains the most common approach, according to Akamai. Ransomware …
The surprising truth about identity security confidence
Organizations most confident in their identity security are often the least prepared, according to a new report from BeyondID. The study reveals a troubling gap between what …
Week in review: Food sector cybersecurity risks, cyber threats to space infrastructure
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: LLM Engineer’s Handbook For all the excitement around LLMs, …
What attackers know about your company thanks to AI
In this Help Net Security video, Tom Cross, Head of Threat Research at GetReal Security, explores how generative AI is empowering threat actors. He breaks down three key …
Why stolen credentials remain cybercriminals’ tool of choice
It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household …
Beyond Passwords: A Guide to Advanced Enterprise Security Protection
Credentials, not firewalls, are now the front line of enterprise security. Attackers are bypassing traditional defenses using stolen passwords, infostealer malware, and MFA …
Ransomware will thrive until we change our strategy
We have reached a stage where ransomware isn’t simply a cybercrime issue: it is now clearly a business disruptor, a threat to societal trust, and increasingly, a national …
Your supply chain security strategy might be missing the biggest risk
Third-party involvement in data breaches has doubled this year from 15 percent to nearly 30 percent. In response, many organizations have sharpened their focus on third-party …
How to fight document fraud with the latest tech tools
In this Help Net Security video, Thomas Berndorfer, CEO of Connecting Software, explores cutting-edge technologies designed to detect and prevent document forgery and digital …
Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft pins on-prem SharePoint attacks on Chinese threat actors As …
Six months into DORA, most financial firms are still not ready
It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services …
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises …
Featured news
Resources
Don't miss
- Can your earbuds recognize you? Researchers are working on it
- Dependency-Track: Open-source component analysis platform
- DDoS, data theft, and malware are storming the gaming industry
- Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287)
- Microsoft blocks risky file previews in Windows File Explorer