Mirko Zorz
Review: Effective Vulnerability Management
Effective Vulnerability Management offers a view of a key part of cybersecurity, showing how practices, tools, and processes can help organizations reduce risk. About the …
Why SMEs can no longer afford to ignore cyber risk
In this Help Net Security interview, Steven Furnell, Professor of Cyber Security at the University of Nottingham, illustrates how small and medium-sized businesses (SMEs) must …
Preparing for the next wave of machine identity growth
Machine identities are multiplying fast, and many organizations are struggling to keep up. In this Help Net Security interview, Wendy Wu, CMO at SailPoint, explains why …
Villain: Open-source framework for managing and enhancing reverse shells
Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, …
What’s worth automating in cyber hygiene, and what’s not
Cyber hygiene sounds simple. Patch your systems, remove old accounts, update your software. But for large organizations, this gets messy fast. Systems number in the thousands. …
Want faster products and stronger trust? Build security in, not bolt it on
In this Help Net Security interview, Christopher Kennedy, CISO at Group 1001, discusses how cybersecurity initiatives are reshaping enterprise cybersecurity strategy. He …
DDoS attacks jump 358% compared to last year
Cloudflare says it mitigated 20.5 million DDoS attacks in the first quarter of 2025. This is a 358% increase compared to the same time last year. Their Q1 2025 DDoS report …
Skyhawk Security brings preemptive cloud app defense to RSAC 2025
Skyhawk Security is adding new protection for custom-built cloud applications. The company announced the update to its AI-powered Autonomous Purple Team for RSAC 2025 …
Review: Artificial Intelligence for Cybersecurity
Artificial Intelligence for Cybersecurity is a practical guide to how AI and machine learning are changing the way we defend digital systems. The book aims to explain how AI …
SWE-agent: Open-source tool uses LLMs to fix issues in GitHub repositories
By connecting powerful language models like GPT-4o and Claude Sonnet 3.5 to real-world tools, the open-source tool SWE-agent allows them to autonomously perform complex tasks: …
The legal blind spot of shadow IT
Shadow IT isn’t just a security risk, it’s a legal one. When teams use unsanctioned tools, they can trigger compliance violations, expose sensitive data, or break contracts. …
Email authentication simplified: How PowerDMARC makes DMARC effortless
Email is still the top way attackers get into organizations. Now, big players like Google, Yahoo, and Microsoft are cracking down. They’re starting to require email …