Turning plain language into firewall rules
Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into …
NIST issues guidance on securing smart speakers
Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal …
LLMs work better together in smart contract audits
Smart contract bugs continue to drain real money from blockchain systems, even after years of tooling and research. A new academic study suggests that large language models …
Microsoft 365 users targeted in device code phishing attacks
Attackers are targeting Microsoft 365 users with device code authorization phishing, a technique that fools users into approving access tokens, Proofpoint warns. The method …
The soft underbelly of space isn’t in orbit, it’s on the ground
In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why …
Why vulnerability reports stall inside shared hosting companies
Security teams keep sending vulnerability notifications, and the same pattern keeps repeating. Many alerts land, few lead to fixes. A new qualitative study digs into what …
Social data puts user passwords at risk in unexpected ways
Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal …
Heineken CISO champions a new risk mindset to unlock innovation
In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical …
How an AI meltdown could reset enterprise expectations
In this Help Net Security interview, Graham McMillan, CTO at Redgate Software, discusses AI, security, and the future of enterprise oversight. He explains why past incidents …
MacOS DigitStealer malware poses as DynamicLake, targets Apple Silicon M2/M3 devices
A new infostealer is targeting macOS users by masquerading as the legitimate DynamicLake UI enhancement and productivity utility and possibly Google’s Drive for desktop app. …
How to cut security tool sprawl without losing control
In this Help Net Security video, Jon Taylor, Director and Principal of Security at Versa Networks, talks about how organizations can deal with security tool sprawl. He …
What security pros should know about insurance coverage for AI chatbot wiretapping claims
AI-powered chatbots raise profound concerns under federal and state wiretapping and eavesdropping statutes that is being tested by recent litigation, creating greater exposure …