Half of red flags in third-party deals never reach compliance teams
Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third-party (relationship owners) don’t escalate red …
Preparing for the next wave of machine identity growth
Machine identities are multiplying fast, and many organizations are struggling to keep up. In this Help Net Security interview, Wendy Wu, CMO at SailPoint, explains why …
Online fraud peaks as breaches rise
Data breaches played a key role in significant financial losses faced by consumers due to fraud. In this Help Net Security video, Steve Yin, Global Head of Fraud at …
Low-tech phishing attacks are gaining ground
Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis …
Mobile security is a frontline risk. Are you ready?
The mobile threat landscape has shifted. According to Zimperium’s 2025 Global Mobile Threat Report, attackers are now prioritizing mobile devices over desktops. For …
Why cyber resilience must be part of every organization’s DNA
As AI brings about excitement and transformative potential, the report reveals that organizations are forging ahead with innovations despite increased security concerns, …
44% of the zero-days exploited in 2024 were in enterprise solutions
In 2024, threat actors exploited 75 zero-days – i.e., vulnerabilities previously unknown to vendors, thus without a readily available patch – in a wide variety of …
Investing in security? It’s not helping you fix what matters faster
Automation and structured collaboration have a strong, positive influence on the efficiency of vulnerability management, according to Seemplicity. However, manual processes, …
Ransomware attacks are getting smarter, harder to stop
Ransomware attacks are becoming more refined and pervasive, posing significant challenges to organizations globally. A Veeam report reveals that while the percentage of …
Most critical vulnerabilities aren’t worth your attention
Web applications face a wide range of risks, including known-exploitable vulnerabilities, supply chain attacks, and insecure identity configurations in CI/CD, according to the …
Flexible working models fuel surge in device theft
76% of respondents have been impacted by incidents of device theft in the past two years, with incidents more common in organizations with more flexible working models, …
Exposure validation emerges as critical cyber defense component
Organizations have implemented various aspects of threat exposure validation, including security control validation (51%) and filtering threat exposures based on the …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged