Forward-thinking CISOs are shining a light on shadow IT
In this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing the risks …
Connected cars drive into a cybersecurity crisis
Technology has entered all areas of life, and our cars are no exception. They have become computers on wheels, equipped with sensors, software, and connectivity that provide …
Benefits from privacy investment are greater than the cost
Cisco released its 2025 Data Privacy Benchmark Study. The report looks at global trends in data privacy and how they affect businesses. The study gathered responses from 2,600 …
Inside the AI-driven threat landscape
In this Help Net Security video, Nick Barter, Chief Strategy Officer at Nothreat, discusses how AI is no longer just a tool for defenders, it’s now a powerful weapon in the …
New infosec products of the week: April 4, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1touch.io, Bitsight, Bluefin, CyberQP, and Exabeam. Exabeam Nova accelerates threat …
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances …
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the …
Phishers are increasingly impersonating electronic toll collection companies
Steam was the most imitated brands by phishers in the first quarter of 2025, followed by Microsoft and Facebook/Meta, Guardio researchers have revealed. “Historically, …
Beware fake AutoCAD, SketchUp sites dropping malware
Malware peddlers are saddling users with the TookPS downloader and the Lapmon and TeviRat backdoors via malicious sites that mimic official ones and ostensibly offer …
7 ways to get C-suite buy-in on that new cybersecurity tool
You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises …
Building a cybersecurity strategy that survives disruption
Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep …
Cybercriminals exfiltrate data in just three days
In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, …