Collaborate Disseminate
It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household classic that wasn’t invented to be elegant or high tech. It was made to work whet… Continue reading Why stolen credentials remain cybercriminals’ tool of choice
Credentials, not firewalls, are now the front line of enterprise security. Attackers are bypassing traditional defenses using stolen passwords, infostealer malware, and MFA fatigue tactics. Enzoic’s Beyond Passwords guide shows how to shift to identity… Continue reading Beyond Passwords: A Guide to Advanced Enterprise Security Protection
We have reached a stage where ransomware isn’t simply a cybercrime issue: it is now clearly a business disruptor, a threat to societal trust, and increasingly, a national security crisis. As James Babbage, Director General (Threats) at the UK’s Nationa… Continue reading Ransomware will thrive until we change our strategy
Third-party involvement in data breaches has doubled this year from 15 percent to nearly 30 percent. In response, many organizations have sharpened their focus on third-party risk management, carefully vetting the security practices of their vendors. H… Continue reading Your supply chain security strategy might be missing the biggest risk
In this Help Net Security video, Thomas Berndorfer, CEO of Connecting Software, explores cutting-edge technologies designed to detect and prevent document forgery and digital fraud. He presents four key approaches to verifying document authenticity: ID… Continue reading How to fight document fraud with the latest tech tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft pins on-prem SharePoint attacks on Chinese threat actors As Microsoft continues to update its customer guidance for protecting on-prem SharePoin… Continue reading Week in review: Microsoft SharePoint servers under attack, landing your first cybersecurity job
It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services organizations in EMEA still feel unprepared. An overwhelming 96% of respondents said th… Continue reading Six months into DORA, most financial firms are still not ready
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be ex… Continue reading Autoswagger: Open-source tool to expose hidden API authorization flaws
Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast Security. These attacks target the custom code, APIs, and logic that power applica… Continue reading Your app is under attack every 3 minutes
The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024. The ITRC could track a record number of compromises in 2025 if the current data breach trend contin… Continue reading Most data breaches have unknown causes as transparency continues to fall