enterprise
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one …
From legacy to SaaS: Why complexity is the enemy of enterprise security
In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the …
Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the …
Open-source server management platform Proxmox VE 9.0 released
Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the …
Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)
Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform …
What’s keeping risk leaders up at night? AI, tariffs, and cost cuts
Enterprise risk leaders are most concerned about rising tariffs and trade tensions heading into the second half of 2025, according to a new report from Gartner. The firm’s …
Secrets are leaking everywhere, and bots are to blame
Secrets like API keys, tokens, and credentials are scattered across messaging apps, spreadsheets, CI/CD logs, and even support tickets. According to Entro Security’s NHI …
Boards shift focus to tech and navigate cautious investors
Corporate boards are adjusting to a more uncertain proxy landscape, according to EY’s 2025 Proxy Season Review. The report highlights four key 2025 proxy season trends shaping …
Fighting AI with AI: How Darwinium is reshaping fraud defense
AI agents are showing up in more parts of the customer journey, from product discovery to checkout. And fraudsters are also putting them to work, often with alarming success. …
Why behavioral intelligence is becoming the bank fraud team’s best friend
In this Help Net Security interview, Seth Ruden, Senior Director of Global Advisory at BioCatch, discusses how financial institutions are addressing fraud. He explains how …
Microsoft rolls out Windows 11 “quick recovery” feature
With the latest Windows 11 update, Microsoft is saying goodbye to the infamous “Blue Screen of Death” and has enabled the quick machine recovery feature by default …
Critical CrushFTP vulnerability exploited. Have you been targeted? (CVE-2025-54309)
Unknown attackers have exploited a vulnerability (CVE-2025‑54309) in the CrushFTP enterprise file-transfer server solution to gain administrative access to vulnerable …