46% of financial institutions had a data breach in the past 24 months
As the financial industry is the most targeted sector for data breaches in 2024, it’s now more important than ever to strengthen the industry moving into 2025, according to …
New infosec products of the week: December 20, 2024
Here’s a look at the most interesting products from the past week, featuring releases from Appdome, GitGuardian, RunSafe Security, Stairwell, and Netwrix. GitGuardian launches …
Cryptocurrency hackers stole $2.2 billion from platforms in 2024
$2.2 billion worth of cryptocurrency was stolen from various platforms in 2024, Chainalysis’ 2025 Crypto Crime Report has revealed. Of that sum, $1.34 billion was stolen …
CISA orders federal agencies to secure their Microsoft cloud environments
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their …
Ukrainian hacker gets prison for infostealer operations
Ukrainian national Mark Sokolovsky was sentenced to 60 months in federal prison for one count of conspiracy to commit computer intrusion. According to court documents, he …
Are threat feeds masking your biggest security blind spot?
Security teams that subscribe to threat feeds get lists of known malicious domains, IPs, and file signatures that they can leverage to blacklist and prevent attacks from those …
Leadership skills for managing cybersecurity during digital transformation
In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the …
Ransomware in 2024: New players, bigger payouts, and smarter tactics
In 2024, ransomware remained the top cybersecurity threat to organizations worldwide. New groups filled the void left by law enforcement crackdowns, targeting businesses with …
European companies hit with effective DocuSign-themed phishing emails
A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different …
BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)
BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow …
CISO accountability: Navigating a landscape of responsibility
What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire …
Key steps to scaling automated compliance while maintaining security
In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor …
Featured news
Resources
Don't miss
- The unseen side of malware and how to find it
- SonicWall says attackers compromised some firewall configuration backup files
- Google fixes actively exploited Chrome zero-day vulnerability (CVE-2025-10585)
- LinkedIn now uses your data for AI by default, opt out now!
- Behind the scenes of cURL with its founder: Releases, updates, and security