Fortinet warns about FortiSIEM vulnerability with in-the-wild exploit code (CVE-2025-25256)
Fortinet has released patches for a critical OS command injection vulnerability (CVE-2025-25256) in FortiSIEM, after practical exploit code surfaced in the wild. About …
Tired of gaps in your security? These open-source tools can help
When it comes to spotting threats, security teams need tools that can pull data from all over and make it easier to analyze. In this article, we’ll take a look at some popular …
Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. …
Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques
Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) …
Spring clean your security data: The case for cybersecurity data hygiene
Spring cleaning isn’t just for your closets; security teams should take the same approach to their security operations data, where years of unchecked log growth have created a …
MISP: Open-source threat intelligence and sharing platform
MISP is an open-source threat intelligence and sharing platform for collecting, storing, distributing, and sharing cybersecurity indicators and threats related to incident and …
5 ways to keep API integrations secure
API integrations often handle sensitive data, such as employees’ personally identifiable information (PII), companies’ financial information, or even clients’ payment card …
Three security data predictions for 2024
How do companies protect their digital environments in a world where everything is growing more complex, quickly – data, customer expectations, cyber threats and more? It’s …
How security observability can help you fight cyber attacks
Security observability uses the external outputs of a system, its logs, metrics, and traces to infer risk, monitor threats, and alert on breaches. Security professionals use …
Wazuh: Free and open-source XDR and SIEM
Wazuh is an open-source platform designed for threat detection, prevention, and response. It can safeguard workloads in on-premises, virtual, container, and cloud settings. …
The blueprint for a highly effective EASM solution
In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management …
Inability to prevent bad things from happening seen as the worst part of a security job
83% of organizations experienced more than one data breach in 2022. However, 97% of respondents feel confident that they are well-equipped with the tools and processes needed …
Featured news
Resources
Don't miss
- China-linked Murky Panda targets and moves laterally through cloud services
- Five ways OSINT helps financial institutions to fight money laundering
- DevOps in the cloud and what is putting your data at risk
- Russian threat actors using old Cisco bug to target critical infrastructure orgs
- AWS Trusted Advisor flaw allowed public S3 buckets to go unflagged