Help Net Security
US government puts cybersecurity at forefront with newly announced National Strategy
The National Cybersecurity Strategy was unveiled today by the Biden-Harris Administration. The Strategy recognizes that government must use all tools of national power in a …
BlackLotus UEFI bootkit disables Windows security mechanisms
ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the …
Uncovering the most pressing cybersecurity concerns for SMBs
In this Help Net Security video interview, James Edgar, CISO at Fleetcor, discusses what consequences SMBs are most concerned about when it comes to cyberattacks, what …
Moving target defense must keep cyber attackers guessing
A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military …
Don’t be fooled by a pretty icon, malicious apps hide in plain sight
Apps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some …
Cyber resilience in focus: EU act to set strict standards
With the EU Cyber Resilience Act (CRA), the industry is dealing with one of the strictest regulatory requirements. Manufacturers, importers and even distributors of products …
Developers can make a great extension of your security team
Developers care about the quality and security of their code, and when empowered to help, developers make great security advocates who can help harden your supply chain …
5 open source Burp Suite penetration testing extensions you should check out
When it comes to assessing the security of computer systems, penetration testing tools are critical for identifying vulnerabilities that attackers may exploit. Among these …
A modern-day look at AppSec testing tools
In this Help Net Security video, Frank Catucci, CTO, and Dan Murphy, Distinguished Architect at Invicti Security, break down the different types of application security …
Covert cyberattacks on the rise as attackers shift tactics for maximum impact
2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 …
Dormant accounts are a low-hanging fruit for attackers
Successful attacks on systems no longer require zero-day exploits, as attackers now focus on compromising identities through methods such as bypassing MFA, hijacking sessions, …
Infosec products of the month: February 2023
Here’s a look at the most interesting products from the past month, featuring releases from: Arkose Labs, Cequence Security, CyberGRX, CyberSaint, Deepwatch, DigiCert, Finite …