cybersecurity
Signatures should become cloud security history
It’s becoming evident that the legacy practice of signature-based threat detection needs to be improved for cloud security challenges. In this Help Net Security video, …
Overlooked essentials: API security best practices
In this Help Net Security interview, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID …
SubSnipe: Open-source tool for finding subdomains vulnerable to takeover
SubSnipe is an open-source, multi-threaded tool to help find subdomains vulnerable to takeover. It’s simpler, produces better output, and has more fingerprints than …
Most GitHub Actions workflows are insecure in some way
Most GitHub Actions are susceptible to exploitation; they are overly privileged or have risky dependencies, according to Legit Security. GitHub Actions security flaws pose …
ChatGPTriage: How can CISOs see and control employees’ AI use?
It’s been less than 18 months since the public introduction of ChatGPT, which gained 100 million users in less than two months. Given the hype, you would expect enterprise …
Managing exam pressure: Tips for certification preparation
In this Help Net Security interview, Seth Hodgson, SVP of Engineering at Udemy, discusses effective study techniques for cybersecurity certification exams. Hodgson discusses …
Firmware update hides Bluetooth fingerprints
A smartphone’s unique Bluetooth fingerprint could be used to track the device’s user–until now. A team of researchers has developed a simple firmware update that can …
Paris 2024 Olympics to face complex cyber threats
While previous Olympic games have faced cybersecurity threats, the Games of the XXXIII Olympiad, also known as Paris 2024, will see the largest number of threats, the most …
Risk related to non-human identities: Believe the hype, reject the FUD
The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and …
Realm: Open-source adversary emulation framework
Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any size. “Realm …
Discover the growing threats to data security
In this Help Net Security interview, Pranava Adduri, CEO at Bedrock Security, discusses how businesses can identify and prioritize their data security risks. Adduri emphasizes …
Pressure mounts for C-Suite executives to implement GenAI solutions
87% of C-Suite executives feel under pressure to implement GenAI solutions at speed and scale, according to RWS. Despite these pressures, 76% expressed an overwhelming …
Featured news
Resources
Don't miss
- LLMs can boost cybersecurity decisions, but not for everyone
- The unseen side of malware and how to find it
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!