Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

Sinisa Markovic

target
MuddyWater cyber campaign adds new backdoors in latest wave of attacks

ESET researchers say an Iran aligned threat group is refining its playbook again, and the latest activity shows how much its tactics have shifted. MuddyWater is a long running …

world map
Offensive cyber power is spreading fast and changing global security

Offensive cyber activity has moved far beyond a handful of major powers. More governments now rely on digital operations to project influence during geopolitical tension, …

passwords
Enterprise password audits made practical for busy security teams

Security teams carry a heavy load, and password risk is one of the most overlooked parts of that workload. Every year new systems, cloud tools, and shared services add more …

machine learning privacy
New observational auditing framework takes aim at machine learning privacy leaks

Machine learning (ML) privacy concerns continue to surface, as audits show that models can reveal parts of the labels (the user’s choice, expressed preference, or the result …

PCI DSS
Why password management defines PCI DSS success

Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When …

LLM
Small language models step into the fight against phishing sites

Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan …

DeepTeam
DeepTeam: Open-source LLM red teaming framework

Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an …

Tor
Tor Project is rolling out Counter Galois Onion encryption

People who rely on Tor expect their traffic to move through the network without giving away who they are. That trust depends on the strength of the encryption that protects …

Microsoft
Microsoft cracks down on malicious meeting invites

Phishing is shifting into places people rarely check. Meeting invites that plant themselves on calendars can survive long after the malicious email is gone. That leaves a …

aircraft cabin
Aircraft cabin IoT leaves vendor and passenger data exposed

The expansion of IoT devices in shared, multi-vendor environments, such as aircraft cabins, has created tension between the benefits of data collaboration and the risks to …

cnspec
cnspec: Open-source, cloud-native security and policy project

cnspec is an open source tool that helps when you are trying to keep a sprawling setup of clouds, containers, APIs and endpoints under control. It checks security and …

password
Is your password manager truly GDPR compliant?

Passwords sit at the core of every critical system, but many organizations still overlook how fragile their password workflows can be. When something goes wrong, security …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools