Help Net Security

Vulnerabilities in mPOS devices could lead to fraud and theft
Vulnerabilities in mPOS (mobile point-of-sale) machines could allow malicious merchants to defraud customers and attackers to steal payment card data, Positive Technologies …

Enterprises as modern software factories: Infusing security throughout the app dev process
The DevOps methodology is ready to take the next step in its evolution. The first instance incorporated an operational approach to application development to create in-house, …

August Patch Tuesday forecast: Looking ahead after a frustrating July
Approaching August Patch Tuesday, we are supposed to be in the ‘dog days’ of summer where everything slows down. Unfortunately, July was full of CVEs and stability fixes with …

The future of OT security in critical infrastructure
Both the likelihood and consequences of cyberattacks to OT/ICS components continue to grow for modern industrial operations. While current advances in OT/ICS cyber security …

Photo gallery: Black Hat USA 2018, part 2
Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall. Featured companies: LogRhythm, Carbon Black, Swimlane, Qualys, Cofense, Vectra, …

A botnet of smart irrigation systems can deplete a city’s water supply
Ben-Gurion University of the Negev (BGU) cyber security researchers warn of a potential distributed attack against urban water services that uses a botnet of smart irrigation …

There’s a global divide in how organizations assess cyber risk
Nearly 48 percent of organizations globally have embraced strategic vulnerability assessment – defined as mature or moderately mature programs that include targeted and …

Cyber hygiene: Where do organizations fall behind on basics?
Tripwire released its State of Cyber Hygiene report, which examined how organisations are implementing security controls that the Center for Internet Security (CIS) refers to …

Photo gallery: Black Hat USA 2018
Black Hat USA 2018 is underway at Las Vegas. Here are a few photos from the Business Hall and the Arsenal. Featured companies: ZeroFOX, LogRhythm, Qualys, Rapid7, Irdeto, …

IoT security: Lessons we can learn from the evolution of road safety
I was recently chatting with my father about his life as a young boy growing up in rural Ireland in the middle of the last century, and the conversation moved onto cars and …

Nearly 15% of US security budgets go to remediating active compromises
Malwarebytes and Osterman Research have polled 900 senior IT decision-makers and IT security professionals in Australia, Germany, the US, UK, and Singapore about the impact of …

Where should companies focus as they begin their machine learning journey?
As machine learning has become more widely adopted across industries, O’Reilly set out to learn more about how companies approach this work. By surveying more than 11,000 data …
Featured news
Resources
Don't miss
- Why we must go beyond tooling and CVEs to illuminate security blind spots
- Making security and development co-owners of DevSecOps
- Review: Passwork 7.0, self-hosted password manager for business
- What a mature OT security program looks like in practice
- Machine unlearning gets a practical privacy upgrade