Picking an AI red teaming vendor is getting harder
Vendor noise is already a problem in traditional security testing. AI red teaming has added another layer of confusion, with providers offering everything from consulting …
That “summarize with AI” button might be manipulating you
Microsoft security researchers discovered a growing trend of AI memory poisoning attacks used for promotional purposes, referred to as AI Recommendation Poisoning. The MITRE …
The hidden cost of putting off security decisions
In this Help Net Security video, Hanah Darley, Chief AI Officer, Geordie AI, talks about how putting off security risk decisions creates long-term costs that often stay …
Cybersecurity planning keeps moving toward whole-of-society models
National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that …
Why incident response breaks down when it matters most
In this Help Net Security video, Jon David, Managing Director, NR Labs, discusses why incident response often breaks down during a breach. Drawing on years of experience …
ShinyHunters flip the script on MFA in new data theft attacks
Multi-factor authentication (MFA) is supposed to defend against phishing attacks, but threat actors operating under the ShinyHunters banner are using it as a pretext in …
Where NSA zero trust guidance aligns with enterprise reality
The NSA has published Phase One and Phase Two of its Zero Trust Implementation Guidelines, providing structured guidance for organizations working to implement zero trust …
A practical take on cyber resilience for CISOs
In this Help Net Security video, Shebani Baweja, CISO, Wealth and Retail Banking & Markets at Standard Chartered, explains how security leaders should think about cyber …
A new framework helps banks sort urgent post-quantum crypto work from the rest
Financial institutions now have a concrete method for deciding where post-quantum cryptography belongs on their security roadmaps. New research coordinated by Europol sets out …
The NSA lays out the first steps for zero trust adoption
Security pros often say that zero trust sounds straightforward until they try to apply it across real systems, real users, and real data. Many organizations are still sorting …
Turning plain language into firewall rules
Firewall rules often begin as a sentence in someone’s head. A team needs access to an application. A service needs to be blocked after hours. Translating those ideas into …
NIST issues guidance on securing smart speakers
Smart home devices, such as voice-activated digital assistants, are increasingly used in home health care, with risks involved. An attacker could change a prescription, steal …