Collaborate Disseminate
It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers in the aerospace industry by impersonating job recruiters on the popular emp… Continue reading Aerospace employees targeted with malicious “dream job” offers
In this Help Net Security interview, Daniel Schwalbe, CISO at DomainTools, discusses the intensifying regulatory demands that have reshaped CISO accountability and daily decision-making. He outlines the skill sets future CISOs need, their key prioritie… Continue reading CISOs in 2025: Balancing security, compliance, and accountability
AI can expose your work secrets. The same goes for AI-generated content, which has revolutionized workplace productivity but comes with hidden risks. As more employees use AI models to streamline tasks—whether drafting reports, building code, or design… Continue reading Cyber professionals face an IP loss reckoning in 2025
Whether you’re looking to enhance your existing cybersecurity skills or just beginning your journey in the field, cybersecurity offers a wide range of career opportunities. If you’re considering a career shift, exploring new job opportunities, or aimin… Continue reading Tips for a successful cybersecurity job interview
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers. The exploited vulnerabilities (… Continue reading Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
If you’re wondering whether your personal and financial data has been compromised in the massive Hot Topic breach, you can use two separate online tools to check: Have I Been Pwned? or DataBreach.com. Which data was compromised? News of a potenti… Continue reading Hot Topic breach: Has your credit card info been compromised?
A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p ran… Continue reading Massive troves of Amazon, HSBC employee data leaked
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold of privileg… Continue reading The changing face of identity security
In this Help Net Security interview, Chris Wysopal, Chief Security Evangelist at Veracode, discusses strategies for CISOs to quantify application risk in financial terms. Wysopal outlines the need for continuous risk management practices and robust str… Continue reading Evaluating your organization’s application risk management journey
Powerpipe is an open-source solution designed to streamline DevOps management with powerful visualization and compliance tools, making it simple to track, assess, and act on key data for smarter decision-making and continuous compliance monitoring. Dyn… Continue reading Powerpipe: Open-source dashboards for DevOps