Help Net Security
API authentication failures demonstrate the need for zero trust
The use of application programming interfaces (APIs) has exploded as businesses deploy mobile apps, containers, serverless computing, microservices, and expand their cloud …
Assessing the state of the internet to make smart security decisions
The internet constantly changes as new technologies are developed, and vulnerabilities are discovered. At the same time, organizations expand their operations that interact …
7 cybersecurity audiobooks you should listen to this year
Audiobooks have gained enormous popularity among book lovers for a variety of factors, including their convenience, which enables listeners to learn while running errands or …
CIS Controls v8: Safeguards to mitigate the most prevalent cyber-attacks
The CIS Critical Security Controls (CIS Controls) are a prioritized set of safeguards to mitigate cyber-attacks against systems and networks. They are mapped to and referenced …
Average company with data in the cloud faces $28 million in data-breach risk
Hard-to-control collaboration, complex SaaS permissions, and risky misconfigurations — such as admin accounts without multi-factor authentication (MFA) — have left a dangerous …
When transparency is also obscurity: The conundrum that is open-source security
Open-source software (OSS) has a lot of advocates. After all, why would we continuously try and write code that solves problems that others have already solved? Why not share …
Why digital trust is the bedrock of business relationships
In this Help Net Security video, David Samuelson, CEO at ISACA, talks about how enterprises approach digital trust. While nearly 98% of respondents to an ISACA survey say that …
What should investing in cybersecurity look like for a technology organization?
To withstand cyberattacks, businesses must continually update internal systems and avoid hasty tech upgrades that might open the door to attackers. In this Help Net Security …
Is mandatory password expiration helping or hurting your password security?
For decades cybersecurity professionals held tight to the idea that passwords needed to be changed on a regular basis. In recent years, however, organizations such as NIST and …
Incident responders increasingly seek out mental health assistance
Incident responders are primarily driven by a strong sense of duty to protect others. This responsibility that’s increasingly challenged by the surge of disruptive attacks, …
HTTP request smuggling vulnerability in Node.js (CVE-2022-35256)
In this Help Net Security video, Austin Jones, Principal Software Engineer at ThreatX, explains what HTTP request smuggling is, and discusses a recently uncovered HTTP request …
Financial crises boost fraud rates, making online consumers more cautious
59% of consumers are more concerned about becoming a victim of fraud now than they were in 2021, according to a research released by Paysafe. This Help Net Security video …
Featured news
Resources
Don't miss
- Job-seeking devs targeted with fake CrowdStrike offer via email
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
- The SBI fake banking app shows that SMS authentication has had its day
- Preventing the next ransomware attack with help from AI
- Banshee Stealer variant targets Russian-speaking macOS users