Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

News

cybercrime
Inside PlugValley: How this AI vishing-as-a-service group operates

In this Help Net Security video, Alexis Ober, Threat Intel Analyst at Fortra, discusses the threat actor group PlugValley, which is now offering AI-powered …

Hands-On Industrial IoT
Review: Hands-On Industrial Internet of Things

Hands-On Industrial Internet of Things is a practical guide designed specifically for professionals building and securing industrial IoT (IIoT) systems. About the authors …

Biohazard
Cozy Bear targets EU diplomats with wine-tasting invites (again)

APT29 (aka Cozy Bear, aka Midnight Blizzard) is, once again, targeting European diplomats with fake invitations to wine-tasting events, Check Point researchers have shared. …

CVE
Funding uncertainty may spell the end of MITRE’s CVE program

The future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal …

When companies merge, so do their cyber threats

For CISOs, mergers and acquisitions (M&A) bring both potential and risk. These deals can drive growth, but they also open the door to serious cybersecurity threats that …

brain
Strategic AI readiness for cybersecurity: From hype to reality

AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious …

Attack Flow
Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques

MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive …

The future of authentication: Why passwordless is the way forward

By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even the most complex …

network
Browser extensions make nearly every employee a potential attack vector

Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have …

Hertz
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected

American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach …

Nagios Log Server
Critical flaws fixed in Nagios Log Server

The Nagios Security Team has fixed three critical vulnerabilities affecting popular enterprise log management and analysis platform Nagios Log Server. About the flaws The …

certificates
Why shorter SSL/TLS certificate lifespans matter

Digital certificates are the unsung heroes of the internet, silently verifying that the websites, apps, and services you use are legit and your data is safe. For years, we’ve …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools