Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

APT
APT groups are getting personal, and CISOs should be concerned

Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members …

CISO
What makes a security program mature and how to get there faster

Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key …

EntraGoat
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations

EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security …

DNS
Why DNS threats should be on every CISO’s radar in 2025

DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are …

cybersecurity jobs
Cybersecurity jobs available right now: August 12, 2025

Cloud Platforms Engineering Manager Mozn | UAE | Remote – No longer accepting applications As a Cloud Platforms Engineering Manager, you will lead the design, …

network
What the Matter 1.4.2 update means for smart home security

Matter is built on the idea that smart home devices should be secure, reliable, and easy to use. It is based on Internet Protocol (IP), which allows devices, mobile apps, and …

world
Win-DDoS: Attackers can turn public domain controllers into DDoS agents

SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one …

WinRAR
WinRAR zero-day exploited by RomCom hackers in targeted attacks

ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components …

lock
How Brandolini’s law informs our everyday infosec reality

Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude …

Robert Buljevic
From legacy to SaaS: Why complexity is the enemy of enterprise security

In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the …

From Day Zero to Zero Day
Review: From Day Zero to Zero Day

From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about vulnerabilities and start finding them. It gives a methodical look …

security
Pentesting is now central to CISO strategy

Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools