Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Phani Dasari
Strengthening security posture with comprehensive cybersecurity assessments

In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI …

1Password
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)

Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the …

software
Finding software flaws early in the development process provides ROI

Enterprises spend enormous effort fixing software vulnerabilities that make their way into their publicly-facing applications. The Consortium for Information and Software …

ResumeLooters
ResumeLooters target job search sites in extensive data heist

Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed …

template
MVSP: A minimum cybersecurity baseline to simplify vendor security assessment

Any organization that’s actively working on managing its cybersecurity risk can’t ignore the risk that goes with third-party vendors having access to its critical …

connected car
CAM sector cybersecurity challenges and how to mitigate them

ENISA discloses an in-depth analysis of the cybersecurity challenges faced by the connected and automated mobility (CAM) sector and provides actionable recommendations to …

building
MythBusters: What pentesting is (and what it is not)

You’ve probably seen the term pentesting pop up in security research and articles, but do you know what it really means? Simply put, penetration testing is a security …

template
Third-party risk management programs still largely a checkbox exercise

Enterprise third-party risk management (TPRM) programs have been around for a half-decade or longer, and at this point most large organizations run one. However, many of these …

PCI
PCI SSC releases PCI Secure Software Lifecycle (SLC) Standard 1.1

The PCI Security Standards Council (PCI SSC) has published version 1.1 of the PCI Secure Software Lifecycle (SLC) Standard and its supporting program documentation. The PCI …

seismic wave
The cybersecurity issues of seismic monitoring devices

Seismic monitoring devices linked to the internet are vulnerable to cyberattacks that could disrupt data collection and processing, say researchers who have probed the devices …

organize
How do I select a security assessment solution for my business?

A recent research shows high-risk vulnerabilities at 84% of companies across finance, manufacturing, IT, retail, government, telecoms and advertising. One or more hosts with a …

face
How security theater misses critical gaps in attack surface and what to do about it

Bruce Schneier coined the phrase security theater to describe “security measures that make people feel more secure without doing anything to actually improve their security.” …

Don't miss

Cybersecurity news