IoT needs more respect for its consumers, creations, and itself
Yet again, connected devices are in the news for all the wrong reasons. In October, security researchers found that robot vacuums from Chinese company, Ecovacs, can be …
How agentic AI handles the speed and volume of modern threats
In this Help Net Security interview, Lior Div, CEO at Seven AI, discusses the concept of agentic AI and its application in cybersecurity. He explains how it differs from …
99% of CISOs work extra hours every week
The most common challenge for CISOs is resource constraints: not enough staff, budget or technology to support the security program needed or meet compliance requirements, …
Ransomware hits web hosting servers via vulnerable CyberPanel instances
A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX …
Product showcase: Shift API security left with StackHawk
With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a …
Russian hackers deliver malicious RDP configuration files to thousands
Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, …
Risk hunting: A proactive approach to cyber threats
Cybersecurity is an overly reactive industry. Too often we act like firefighters, rushing from blaze to blaze, extinguishing flames hoping to keep the damage to a minimum, …
Simplifying decentralized identity systems for everyday use
In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital …
6 key elements for building a healthcare cybersecurity response plan
Medical practices remain vulnerable to cyberattacks, with over a third unable to cite a cybersecurity incident response plan, according to Software Advice. This gap exposes …
US charges suspected Redline infostealer developer, admin
The identity of a suspected developer and administrator of the Redline malware-as-a-service operation has been revealed: Russian national Maxim Rudometov. Infrastructure …
Phishers reach targets via Eventbrite services
Crooks are leveraging the event management and ticketing website Eventbrite to deliver their phishing emails to potential targets. “Since July, these attacks have …
Patching problems: The “return” of a Windows Themes spoofing vulnerability
Despite two patching attempts, a security issue that may allow attackers to compromise Windows user’s NTLM (authentication) credentials via a malicious Windows themes …