NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure
The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The …
Using AI to reduce false positives in secrets scanners
As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an …
Overcoming the pressures of cybersecurity startup leadership
In this Help Net Security interview, Kunal Agarwal, CEO at Dope Security, offers a look into the CEO’s leadership philosophy, the process of building a high-caliber …
Enterprises’ progress in digital trust implementation is far from great
A growing divide separates leaders with a firm grasp on digital trust from those at the bottom of the pool, according to DigiCert. While digital trust overwhelmingly remains a …
Unmanaged third-party access threatens OT environments
Many industrial organizations lack the resources, expertise, and collaborative processes to effectively mitigate threats and ensure secure access to operational technology …
LockBit leak site is back online
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with …
Pikabot returns with new tricks up its sleeve
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. About the Pikabot loader Pikabot is a loader …
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …
Web Check: Open-source intelligence for any website
Web Check offers thorough open-source intelligence and enables users to understand a website’s infrastructure and security posture, equipping them with the knowledge to …
It’s time for security operations to ditch Excel
Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war …
CVE count set to rise by 25% in 2024
The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 …
Cybersecurity crisis in schools
Primary school systems handle sensitive data concerning minors, while higher education institutions must safeguard intellectual property data, making them prime targets for …
Featured news
Resources
Don't miss
- Banshee Stealer variant targets Russian-speaking macOS users
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
- GitLab CISO on proactive monitoring and metrics for DevSecOps success
- Sara: Open-source RouterOS security inspector
- Cybersecurity in 2025: Global conflict, grown-up AI, and the wisdom of the crowd