Review: Attack Surface Management
Attack Surface Management (ASM) has become one of those buzzwords that gets used a lot but rarely explained in detail. The authors of this book offer a practical guide that …
New technique detects tampering or forgery of a PDF document
Researchers from the University of Pretoria presented a new technique for detecting tampering in PDF documents by analyzing the file’s page objects. The technique employs a …
New hires, new targets: Why attackers love your onboarding process
In this Help Net Security video, Ozan Ucar, CEO of Keepnet Labs, highlights a critical cybersecurity blind spot: the vulnerability of new hires during onboarding. He explains …
AI tools are everywhere, and most are off your radar
80% of AI tools used by employees go unmanaged by IT or security teams, according to Zluri’s The State of AI in the Workplace 2025 report. AI is popping up all over the …
Cybersecurity essentials for the future: From hype to what works
Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get …
Why AI agents could be the next insider threat
In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and …
Why should companies or organizations convert to FIDO security keys?
In this Help Net Security interview, Alexander Summerer, Head of Authentication at Swissbit, explains how FIDO security keys work, what threats they address, and why they’re …
Hackers love events. Why aren’t more CISOs paying attention?
When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and …
CISOs brace for a surge in domain-based cyber threats
Cybersecurity threats are growing more complex, and domain-based attacks are at the center of this shift. CSC’s CISO Outlook 2025 report, based on a survey of 300 security …
Virtual kidnapping scams prey on our worst fears
Getting a call saying a family member has been kidnapped is terrifying. Fear and panic take over, making it hard to think clearly. That’s exactly what criminals count on when …
Why CISOs need to understand the AI tech stack
As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global …
19 ways to build zero trust: NIST offers practical implementation guide
The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled …