cybersecurity
EU adopts first cybersecurity certification scheme for safer tech
The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the …
Malicious logins from suspicious infrastructure fuel identity-based incidents
69% of identity-based incidents involved malicious logins from suspicious infrastructure, which are hosting providers or proxies that aren’t expected for a user or …
Custom rules in security tools can be a game changer for vulnerability detection
In this Help Net interview, Isaac Evans, CEO at Semgrep, discusses the balance between speed and thoroughness in CI/CD pipeline security scanning. Stressing the need to avoid …
CVEMap: Open-source tool to query, browse and search CVEs
CVEMap is an open-source command-line interface (CLI) tool that allows you to explore Common Vulnerabilities and Exposures (CVEs). It’s designed to offer a streamlined …
Unpacking the challenges of AI cybersecurity
As organizations handle increasing amounts of data daily, AI offers advanced capabilities that would be harder to achieve with traditional methods. In this Help Net Security …
Payment fraud is hitting organizations harder than ever before
96% of US companies were targeted with at least one fraud attempt in the past year, according to Trustpair. 83% of US companies saw an increase in cyber fraud attempts on …
Free ransomware recovery tool White Phoenix now has a web version
White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play …
Does CVSS 4.0 solve the exploitability problem?
The newest version of the vulnerability scoring system CVSS 4.0 is here! After a lengthy gap between version 3 (released in 2015), as of November 2023 version 4.0 is …
Proactive cybersecurity: A strategic approach to cost efficiency and crisis management
In this Help Net Security interview, Stephanie Hagopian, VP of Security at CDW, discusses offensive strategies in the face of complex cyberattacks and the role of the …
Cybercriminals replace familiar tactics to exfiltrate sensitive data
Ransomware attacks are increasing again as cybercriminals’ motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling a company and …
Hundreds of network operators’ credentials found circulating in Dark Web
After the recent incident involving Orange España and the leakage of credentials from the RIPE NCC portal, which led to a major outage, the cybersecurity community needs to …
Great security or great UX? Both, please
A new user is signing up for a SaaS application. On the one hand, UX teams want that user to get into the app as quickly as possible. On the other hand, security teams want …
Featured news
Resources
Don't miss
- Commix: Open-source OS command injection exploitation tool
- Review: The Chief AI Officer’s Handbook
- How QR code attacks work and how to protect yourself
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)
- OSPS Baseline: Practical security best practices for open source software projects