research
Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits
GitGuardian scanned 1.027 billion new GitHub commits in 2022 (+20% compared to 2021) and found 10,000,000 secrets occurrences (+67% compared to 2022). What is interesting …
Vulnerability in DJI drones may reveal pilot’s location
Serious security vulnerabilities have been identified in multiple DJI drones. These weaknesses had the potential to allow users to modify crucial drone identification details …
BlackLotus UEFI bootkit disables Windows security mechanisms
ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the …
Moving target defense must keep cyber attackers guessing
A cybersecurity technique that shuffles network addresses like a blackjack dealer shuffles playing cards could effectively befuddle hackers gambling for control of a military …
Vulnerabilities open Korenix JetWave industrial networking devices to attack
Three vulnerabilities found in a variety of Korenix JetWave industrial access points and LTE cellular gateways may allow attackers to either disrupt their operation or to use …
ICS vulnerabilities: Insights from advisories, how CVEs are reported
SynSaber recently released its second Industrial Control Systems (ICS) Vulnerabilities & CVEs Report. In this Help Net Security video, Ronnie Fabela, CTO at SynSaber, …
6 oversights that enable data breaches
Personal employee or customer data accounted for nearly 45% of all data stolen between July 2021 and June 2022, while companies’ source code and proprietary information …
UID smuggling: A new technique for tracking users online
Advertisers and web trackers have been able to aggregate users’ information across all of the websites they visit for decades, primarily by placing third-party cookies in …
What happens once scammers receive funds from their victims
In this Help Net Security video, Ronnie Tokazowski, Principal Threat Advisor at Cofense, offers insight into the world’s most lucrative cybercrime – business email …
Cybercriminals are scamming each other, tipping off law enforcement
Cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about the scams, according to Sophos. For this report, Sophos experts …
How compliance leaders can encourage employees to report misconduct
As Chief Compliance Officers (CCOs) continue to face challenges in restoring employee misconduct reporting to pre-pandemic levels, there are three strategies they should …
The psychological fallout of a ransomware crisis
Northwave has conducted scientific research into the psychological fallout of a ransomware crisis on both organizations and individuals. The findings reveal the deep marks …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars