Microsoft is right, mandatory password changes are obsolete
Microsoft has recently come out and said that mandatory password changing is ancient and obsolete. This goes directly against everything we were trained to think for the last …
Solving security problems: Security advice for those with limited resources
In this interview, Mark Sangster, VP & Industry Security Strategist at eSentire, gives SMBs advice on how to minimize the risk of a data breach through better security …
Security or compliance? Stop choosing between them
The difference between security and compliance is more than just process. It’s philosophy and practice. Compliance can be one tactical execution of a great security strategy …
Securing modern web apps: A case for framework-aware SAST
If you were to write a web application entirely by yourself, it would be a rather daunting task. You would need to write the UI elements from lower-level APIs, set up and …
Do you have what it takes to be a hardware hacker?
If you ask Yago Hansen, a hacker specialized in Wi-Fi and RF security, curiosity and a willingness to learn and improve your skills are the two things that you absolutely must …
Cybersecurity crisis communication: How to do it well
Riviera Beach is one of the several cities and towns in Florida which have recently been hit with ransomware. Its local government, like that of Lake City before it, decided …
How human bias impacts cybersecurity decision making
The human brain is a fantastic machine, but we’re all subject to cognitive bias and reasoning errors – and cybersecurity pros are no exception. In a newly released …
Best practices when implementing SD-WAN
Telecoms is an overall complex business – delivering network circuits and optimizing connections – but SD-WAN has its own very specific set of obstacles. SD-WAN involves many …
Too fast, too insecure: Securing Mongo Express web administrative interfaces
Mongo Express is a lightweight web-based administrative interface deployed to manage MongoDB databases interactively. It is authored using Node.js, Express and Bootstrap …
Employee cybersecurity essentials part 2: Lost devices and unsafe connections
Security is only as strong as its weakest link, and as we have seen, that includes your employees. Faulting workers for behavior they’ve become accustomed to in their private …
Secure workloads without slowing down your DevOps flows
In this Help Net Security podcast recorded at RSA Conference 2019, David Meltzer, CTO at Tripwire, and Lamar Bailey, Senior Director of Security Research at Tripwire, discuss …
Employee cybersecurity essentials part 1: Passwords and phishing
Your company may have state-of-the-art monitoring and the latest anti-malware and anti-virus programs, but that doesn’t mean you’re not at risk for a breach, or that – as an …
Featured news
Resources
Don't miss
- Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
- June 2025 Patch Tuesday forecast: Second time is the charm?
- Why IAM should be the starting point for AI-driven cybersecurity
- Protecting patient data starts with knowing where it’s stored
- Ransomware and USB attacks are hammering OT systems