Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source – subscribe here!

Please turn on your JavaScript for this page to function normally.
Android
Google patches actively exploited Android vulnerability (CVE-2024-43093)

Google has delivered fixes for two vulnerabilities endangering Android users that “may be under limited, targeted exploitation”: CVE-2024-43047, a flaw affecting …

Voice of Practitioners 2024
Report: Voice of Practitioners 2024 – The True State of Secrets Security

In this study, GitGuardian and CyberArk reveal the stark reality of secrets management across 1,000 organizations. With 79% experiencing secrets leaks and an average …

open source
Open-source software: A first attempt at organization after CRA

The open-source software (OSS) industry is developing the core software for the global infrastructure, to the point that even some proprietary software giants adopt Linux …

Barry Mainz
Maximizing security visibility on a budget

In this Help Net Security interview, Barry Mainz, CEO at Forescout, discusses the obstacles organizations encounter in attaining security visibility, particularly within cloud …

cybersecurity jobs
Cybersecurity jobs available right now: November 5, 2024

Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Application Security Engineer MassMutual | USA | …

breach
AI learning mechanisms may lead to increase in codebase leaks

The proliferation of non-human identities and the complexity of modern application architectures have created significant security challenges, particularly in managing …

Synology
Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)

Synology has released fixes for an unauthenticated “zero-click” remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and …

Rachel Barouch
Hiring guide: Key skills for cybersecurity researchers

In this Help Net Security interview, Rachel Barouch, an Organizational Coach for VCs and startups and a former VP HR in both a VC and a Cybersecurity startup, discusses the …

Whispr
Whispr: Open-source multi-vault secret injection tool

Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s …

eye
Strong privacy laws boost confidence in sharing information with AI

53% of consumers report being aware of their national privacy laws, a 17-percentage point increase compared to 2019, according to Cisco. Informed consumers are also much more …

cybersecurity week in review
Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerability …

vulnerability
50% of financial orgs have high-severity security flaws in their apps

Security debt, defined for this report as flaws that remain unfixed for longer than a year, exists in 76% of organizations in the financial services sector, with 50% of …

Don't miss

Cybersecurity news