Help Net Security
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti …
January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance
January 2025 Patch Tuesday is now live: Microsoft fixes actively exploited Windows Hyper-V zero-day flaws Welcome to 2025 and a new year of patch excitement! In my December …
The SBI fake banking app shows that SMS authentication has had its day
As a company fortunate enough to have and maintain our own pentesting team, we often do outreach with other organizations to assist with or provide our expertise in offensive …
Wireshark 4.4.3 released: Updated protocol support, bug fixes
Wireshark, the popular network protocol analyzer, has reached version 4.4.3. Wireshark offers deep inspection across hundreds of protocols, live and offline analysis, and …
The ongoing evolution of the CIS Critical Security Controls
For decades, the CIS Critical Security Controls (CIS Controls) have simplified enterprises’ efforts to strengthen their cybersecurity posture by prescribing prioritized …
Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd
As we look ahead to cybersecurity developments in 2025, there’s bad news and good—expect to see new challenging attacks and the cybersecurity community increasingly working …
Why an “all gas, no brakes” approach for AI use won’t work
Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, …
The top target for phishing campaigns
Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users …
Making the most of cryptography, now and in the future
Enterprise cryptography faces risks beyond just the advent of quantum computers. For starters, there is no guarantee that the traditional algorithms have not been broken. …
Cyberbro: Open-source tool extracts IoCs and checks their reputation
Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services. Cyberbro features Input handling: Paste raw …
Open source worldwide: Critical maintenance gaps exposed
Lineaje recently released a report identifying the US and Russia as the leading generators of open-source projects, with both countries also having the highest numbers of …
Only 26% of Europe’s top companies earn a high rating for cybersecurity
With the EU’s Digital Operational Resilience Act (DORA) deadline approaching on 17th January, 2025, Europe’s top 100 companies face an urgent cybersecurity challenge, …
Featured news
Resources
Don't miss
- The AI safety conversation is focused on the wrong layer
- Critical NetScaler ADC, Gateway flaw may soon be exploited (CVE-2026-3055)
- GitHub-hosted malware campaign uses split payload to evade detection
- Measuring security performance in real-time, not once a quarter
- Attackers are handing off access in 22 seconds, Mandiant finds