Collaborate Disseminate
When employees stop falling for phishing emails, it is rarely luck. A new study shows that steady, mandatory phishing training can cut risky behavior over time. After one year of continuous simulations and follow-up lessons, employees were half as like… Continue reading What keeps phishing training from fading over time
When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful content? That question is driving a wave of rese… Continue reading OpenGuardrails: A new open-source model aims to make AI safer for real-world use
Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that uses a large la… Continue reading PortGPT: How researchers taught an AI to backport security patches automatically
In this Help Net Security interview, Dilek Çilingir, Global Forensic & Integrity Services Leader at EY, discusses how AI is transforming third-party assessments and due diligence. She explains how machine learning and behavioral analytics help org… Continue reading AI can flag the risk, but only humans can close the loop
In this Help Net Security interview, Dr. Bernhards Blumbergs, Lead Cyber Security Expert at CERT.LV, discusses how cyberspace has become an integral part of national and military operations. He explains how countries develop capabilities to act and def… Continue reading How nations build and defend their cyberspace capabilities
Static credentials have been a weak point in cloud security for years. A new paper by researchers from SentinelOne takes direct aim at that issue with a practical model for authenticating workloads without long-lived secrets. Instead of relying on stat… Continue reading A new way to think about zero trust for workloads
Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate r… Continue reading Heisenberg: Open-source software supply chain health check tool
In this Help Net Security interview, Arun Singh, CISO at Tyro, discusses what it takes to secure real-time payments without slowing them down. He explains how analytics, authentication, and better industry cooperation can help stay ahead of fraud. Sing… Continue reading Securing real-time payments without slowing them down
In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging risk… Continue reading You can’t audit how AI thinks, but you can audit what it does
Even with strong wireless encryption, privacy in connected homes may be thinner than expected. A new study from Leipzig University shows that someone in an adjacent apartment could learn personal details about a household without breaking any encryptio… Continue reading How neighbors could spy on smart homes