“Security researcher” offers to delete data stolen by ransomware attackers
When organizations get hit by ransomware and pay the crooks to decrypt the encrypted data and delete the stolen data, they can never be entirely sure the criminals will do as …
If you prepare, a data security incident will not cause an existential crisis
Why is it that when a company becomes aware of a potential data security incident, the team working on it (and others who are made aware that “something” is going on) have an …
Understanding zero-trust design philosophy and principles
In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security …
Securing AI systems against evasion, poisoning, and abuse
Adversaries can intentionally mislead or “poison” AI systems, causing them to malfunction, and developers have yet to find an infallible defense against this. In …
Accelerate essential cyber hygiene for your small business
Think you’re too small to experience a cyber attack? That’s not the case. In fact, cyber threat actors (CTAs) are increasingly setting their sights on small …
Social engineer reveals effective tricks for real-world intrusions
In this Help Net Security interview, Jayson E. Street, Chief Adversarial Officer at Secure Yeti, discusses intriguing aspects of social engineering and unconventional methods …
Review: Engineering-grade OT security: A manager’s guide
Andrew Ginter is a widely-read author on industrial security and a trusted advisor for industrial enterprises. He holds a BSc. in Applied Mathematics and an MSc. in Computer …
AuthLogParser: Open-source tool for analyzing Linux authentication logs
AuthLogParser is an open-source tool tailored for digital forensics and incident response, specifically crafted to analyze Linux authentication logs (auth.log). The tool …
Vim 9.1 released: New features and bug fixes
Vim, a highly adaptable text editor, is designed to efficiently create and modify all types of text. It comes included as vi in most UNIX systems and macOS. Renowned for its …
Week in review: 15 open-source cybersecurity tools, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Wi-Fi 7’s mission-critical role in enterprise, industrial networking In this …
January 2024 Patch Tuesday forecast: A Focus on Printing
Update: January 9, 15:08 ET – January 2024 Patch Tuesday is now live: Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700). Happy …
Escalating cyber threats: Bots, fraud farms, and cryptojacking surge, urgently requiring attention
The motivations behind cyberattacks are as diverse as the methods employed. Whether driven by financial gain, political agendas, or sheer malice, cybercriminals exploit …
Featured news
Resources
Don't miss
- Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)
- 1Password open sources a benchmark to stop AI agents from leaking credentials
- Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)
- When security decisions come too late, and attackers know it
- OpenClaw Scanner: Open-source tool detects autonomous AI agents