Help Net Security
Stolen credentials are the most common attack vector companies face
60% of IT security decision makers believe their overall security strategy does not keep pace with the threat landscape, and that they are either lagging behind (20%), …
Implementing zero trust for a secure hybrid working enterprise
In this Help Net Security video, Kevin Peterson, Cybersecurity Strategist at Xalient, provides an overview of the early days of zero trust, illustrates where we are today, and …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
Why SAP systems need to be brought into the cybersecurity fold
SAP’s status as a leading business process management software provider is undeniable. Today, the company serves over 230 million cloud users and 99 of the top 100 companies …
As the cost of cyber insurance rises, the number of organizations who can’t afford it is set to double
The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, …
Majority of SMBs lack 24/7 security operations to detect threats
Cybercriminals and threat actors work around the clock, with attacks originating from around the world. Therefore, all businesses, including SMBs, need to be always on alert …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Identity is the killer context: 4 ways to stay in control
The COVID-19 pandemic sounded the death knell for the traditional perimeter. Work is now an activity, not a place, meaning the concept of an encircling wall of security is as …
36% of orgs expose insecure FTP protocol to the internet, and some still use Telnet
A significant percentage of organizations expose insecure or highly sensitive protocols, including SMB, SSH, and Telnet, to the public internet, the ExtraHop Benchmarking …
LogoKit update: The phishing kit leveraging open redirect vulnerabilities
Resecurity identified threat actors leveraging open redirect vulnerabilities in online services and apps to bypass spam filters to ultimately deliver phishing content. Using …
Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …
Cyber syndicates are working with amateur attackers to target businesses
Cybercrime is being supercharged through “plug and play” malware kits that make it easier than ever to launch attacks. Cyber syndicates are collaborating with amateur …
Featured news
Resources
Don't miss
- Security work keeps expanding, even with AI in the mix
- Ivanti provides temporary patches for actively exploited EPMM zero-day (CVE-2026-1281)
- Google disrupts proxy network used by 550+ threat groups
- eScan AV users targeted with malicious updates
- Google agrees to pay $135 million over Android data harvesting claims