WithSecure
Trojanized KeePass opens doors for ransomware attackers
A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure …
When ransomware strikes, what’s your move?
Should we negotiate? Should we pay? These are the questions every organization faces when cybercriminals lock their data. By the time attackers have encrypted your systems, …
Chainsaw: Open-source tool for hunting through Windows forensic artefacts
Chainsaw is an open-source first-response tool for quickly detecting threats in Windows forensic artefacts, including Event Logs and the MFT file. It enables fast keyword …
How ransomware tactics are shifting, and what it means for your business
In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these …
The changing dynamics of ransomware as law enforcement strikes
After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, …
Edge services are extremely attractive targets to attackers
The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation, according to WithSecure. Edge service KEV vulnerability trends 64% of all edge service and …
Expand your library with these cybersecurity books
In this Help Net Security video round-up, authors discuss their cybersecurity books and provide an inside look at each title. Complete videos George Finney, CSO at Southern …
How exposure management elevates cyber resilience
Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset …
Drozer: Open-source Android security assessment framework
Drozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier. Drozer features The …
Government organizations’ readiness in the face of cyber threats
Cyber threats targeting government organizations have become increasingly sophisticated, posing significant risks to national security, public infrastructure, and sensitive …
The impact of prompt injection in LLM agents
Prompt injection is, thus far, an unresolved challenge that poses a significant threat to Language Model (LLM) integrity. This risk is particularly alarming when LLMs are …
CISOs can marry security and business success
With an endless string of cyber fires to be put out, it’s easy to forget that the cybersecurity function in an organization doesn’t exist in a vacuum. Its main purpose is to …
Featured news
Resources
Don't miss
- Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
- iOS zero-click attacks used to deliver Graphite spyware (CVE-2025-43200)
- Unpacking the security complexity of no-code development platforms
- Researchers warn of ongoing Entra ID account takeover campaign
- LockBit panel data leak shows Chinese orgs among the most targeted