vCISO services thrive, but challenges persist
While 75% of service providers report high customer demand for vCISO functionality, a new Cynomi report reveals that only 21% are actively offering it—opening a window onto a …
North Korean hackers’ social engineering tricks
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several …
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the …
Samba 4.21 comes with upgraded security features
Samba is the standard suite of programs that enables seamless interoperability between Linux/Unix and Windows systems. Version 4.21 has been officially released. Hardening In …
Protecting national interests: Balancing cybersecurity and operational realities
With cyber threats becoming increasingly sophisticated and targeting critical infrastructure, in this Help Net Security interview, David Ferbrache, managing director of Beyond …
OpenBAS: Open-source breach and attack simulation platform
OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with …
Cybersecurity jobs available right now: September 4, 2024
Some of the jobs listed here are no longer accepting applications. For a fresh list of open cybersecurity jobs, go here. Cyber Systems Operations United States Air Force | USA …
Ransomware attacks escalate as critical sectors struggle to keep up
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly. Recent reports highlight alarming trends, including increased …
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute …
Transport for London is dealing with a cyber security incident
Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they “are currently dealing with an ongoing cyber security …
Managing low-code/no-code security risks
Continuous threat exposure management (CTEM) – a concept introduced by Gartner – monitors cybersecurity threats continuously rather than intermittently. This …
How ransomware tactics are shifting, and what it means for your business
In this Help Net Security interview, Tim West, Director of Threat Intelligence and Outreach at WithSecure, discusses Ransomware-as-a-Service (RaaS) with a focus on how these …
Featured news
Resources
Don't miss
- State-backed phishing attacks targeting military officials and journalists on Signal
- Poland’s energy control systems were breached through exposed VPN access
- CISA orders US federal agencies to replace unsupported edge devices
- Ransomware attackers are exploiting critical SmarterMail vulnerability (CVE-2026-24423)
- February 2026 Patch Tuesday forecast: Lots of OOB love this month