Why DNS threats should be on every CISO’s radar in 2025
DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox,...
Read more →Category: HelpnetSecurity
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain...
Read more →
WinRAR zero day exploited by RomCom hackers in targeted attacks
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you...
Read more →
Breaches are up, budgets are too, so why isn’t healthcare safer?
A new report from Resilience outlines a growing cyber crisis in the U.S. healthcare sector, where ransomware attacks, vendor compromise,...
Read more →
Review: From Day Zero to Zero Day
From Day Zero to Zero Day is a practical guide for cybersecurity pros who want to move beyond reading about...
Read more →
Pentesting is now central to CISO strategy
Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical...
Read more →
Week in review: SonicWall firewalls targeted in ransomware attacks, Black Hat USA 2025
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Black Hat USA 2025Black Hat...
Read more →
August 2025 Patch Tuesday forecast: Try, try, again
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in...
Read more →
Fraud controls don’t guarantee consumer trust
Over a third of companies say they are using AI, including generative AI, to fight fraud, according to Experian. As...
Read more →
From fake CAPTCHAs to RATs: Inside 2025’s cyber deception threat trends
Cybercriminals are getting better at lying. That’s the takeaway from a new LevelBlue report, which outlines how attackers are using...
Read more →
New infosec products of the week: August 8, 2025
Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Descope, Elastic, ExtraHop,...
Read more →
What GPT‑5 means for IT teams, devs, and the future of AI at work
OpenAI has released GPT‑5, the newest version of its large language model. It’s now available to developers and ChatGPT users,...
Read more →