Help Net Security
How to design a third-party risk management framework
Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as third-party networks, which …
Top priorities for compliance leaders this year
Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024, according to Gartner. Improving third party …
New infosec products of the week: July 12, 2024
Here’s a look at the most interesting products from the past week, featuring releases from AttackIQ, IT-Harvest, Pentera, Prompt Security, and Quantum Xchange. AttackIQ …
How AI helps decode cybercriminal strategies
With terms like “AI washing” making their way into mainstream business consciousness, the hype surrounding AI is making it harder to differentiate between the true …
Travel scams exposed: How to recognize and avoid them
In this Help Net Security video, Aaron Walton, Threat Intel Analyst at Expel, discusses travel scams. For the past 18 months, the Expel SOC team has observed a campaign …
Diversifying cyber teams to tackle complex threats
Technologies such as GenAI, ML and IoT are giving threat actors new tools that make it easier to target consumers and organizations. From Savvy Seahorse which lures victims …
73% of security pros use unauthorized SaaS applications
73% of security professionals admit to using SaaS applications that had not been provided by their company’s IT team in the past year, according to Next DLP. Unauthorized tool …
GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure …
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS (CVE-2024-3596), leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. …
Microsoft’s cybersecurity dilemma: An open letter to Satya Nadella
Microsoft is suffering cybersecurity failures due to systemic problems with strategic leadership. The world is witnessing an alarming trend of cybersecurity issues with …
Shadow engineering exposed: Addressing the risks of unauthorized engineering practices
Shadow engineering is present in many organizations, and it can lead to security, compliance, and risk challenges. In this Help Net Security video, Darren Meyer, Staff …
Monocle: Open-source LLM for binary analysis search
Monocle is open-source tooling backed by a large language model (LLM) for performing natural language searches against compiled target binaries. Monocle can be provided with a …