APT29 revamps its techniques to breach cloud environments
Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned. …
NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …
Using AI to reduce false positives in secrets scanners
As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an …
Overcoming the pressures of cybersecurity startup leadership
In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO’s leadership philosophy, the process of building a high-caliber …
Enterprises’ progress in digital trust implementation is far from great
A growing divide separates leaders with a firm grasp on digital trust from those at the bottom of the pool, according to DigiCert. While digital trust overwhelmingly remains a …
Unmanaged third-party access threatens OT environments
Many industrial organizations lack the resources, expertise, and collaborative processes to effectively mitigate threats and ensure secure access to operational technology …
LockBit leak site is back online
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with …
Pikabot returns with new tricks up its sleeve
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader …
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …
Web Check: Open-source intelligence for any website
Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to …
It’s time for security operations to ditch Excel
Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war …
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …
Featured news
Resources
Don't miss
- When security decisions come too late, and attackers know it
- OpenClaw Scanner: Open-source tool detects autonomous AI agents
- Ivanti EPMM exploitation: Researchers warn of “sleeper” webshells
- Microsoft begins Secure Boot certificate update for Windows devices
- Microsoft Patch Tuesday: 6 exploited zero-days fixed in February 2026