19 ways to build zero trust: NIST offers practical implementation guide
The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance,…
Category: HelpnetSecurity
Researchers warn of ongoing Entra ID account takeover campaign
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research…
LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a…
Identifying high-risk APIs across thousands of code repositories
In this Help Net Security interview, Joni Klippert, CEO of StackHawk, discusses why API visibility is a major blind spot for security teams, how legacy…
Lemony mitigates privacy and compliance risks associated with cloud-based AI
Lemony announced its on-premise artificial intelligence solution that is redefining how organizations deploy generative AI. Lemony’s secure, hardware-based node offers enterprise-grade ‘AI in a Box,’…
Build a mobile hacking rig with a Pixel and Kali NetHunter
A cybersecurity hobbyist has built a compact, foldable mobile hacking rig that runs Kali NetHunter on a Google Pixel 3 XL. It’s called the NetHunter…
Cybercriminals are turning stolen data into a thriving black market
Cybercriminals are stealing data and running full-scale businesses around it. Europol’s latest Internet Organised Crime Threat Assessment (IOCTA) report reveals how personal data is now…
Want fewer security fires to fight? Start with threat modeling
CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When…
CISOs call for operational threat intelligence integration
98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and regulatory…
Email security risks healthcare IT can’t afford to ignore
92% of healthcare IT leaders say they’re confident in their ability to prevent email-based data breaches, but according to Paubox, they’re not. Healthcare compliance confidence…
44% of mobile users encounter scams every day
Nearly half of of mobile users encounter mobile scams daily, with people in the US and UK more likely to be targeted than those in…
Infostealer crackdown: Operation Secure takes down 20,000 malicious IPs and domains
More than 20,000 malicious IP addresses and domains used by information-stealing malware were taken down during an international cybercrime crackdown led by INTERPOL. Called Operation…