cybersecurity
As-a-Service tools empower criminals with limited tech skills
As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious …
Prowler: Open-source security tool for AWS, Google Cloud Platform, Azure
Prowler is an open-source security tool designed to assess, audit, and enhance the security of AWS, GCP, and Azure. It’s also equipped for incident response, continuous …
Enhancing adversary simulations: Learn the business to attack the business
In this Help Net Security interview, Jamieson O’Reilly, Founder of DVULN, discusses adversary simulations, shedding light on challenges rooted in human behavior, …
Demystifying SOC-as-a-Service (SOCaaS)
Threat actors aren’t looking for companies of specific sizes or industries, they are looking for opportunities. Given that many companies operate in the dark and overlook …
Cybersecurity teams hesitate to use automation in TDIR workflows
Despite reported threat detection, investigation, and response (TDIR) improvements in security operations, more than half of organizations still experienced significant …
ResumeLooters target job search sites in extensive data heist
Group-IB identified a large-scale malicious campaign primarily targeting job search and retail websites of companies in the Asia-Pacific region. The group, dubbed …
How CISOs navigate policies and access across enterprises
In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of balancing data protection with diverse policies, devices, and …
3 ways to achieve crypto agility in a post-quantum world
Working at the speed of digital business is a constant challenge. But in today’s increasingly automated operational environment, crypto agility—i.e., an organization’s ability …
10 must-read cybersecurity books for 2024
Our list of cybersecurity books has been curated to steer your professional growth in 2024. This selection aims to provide comprehensive information security insights and …
Latio Application Security Tester: Use AI to scan your code
Latio Application Security Tester is an open-source tool that enables the usage of OpenAI to scan code from the CLI for security and health issues. Features and future plans …
Researchers discover exposed API secrets, impacting major tech tokens
Escape’s security research team scanned 189.5 million URLs and found more than 18,000 exposed API secrets. 41% of exposed secrets were highly critical, i.e. could lead to …
How cybersecurity strategies adapt to evolving threats
Cybersecurity strategies are essential components of modern organizations, designed to protect digital assets, sensitive information, and overall business continuity from …