Help Net Security

With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming and possibly already happening. According to the Shadowserver Foundation, there is no lack of possible targets: around 84,000 internet-facing installations – predominantly in Europe, Asia, and North America – are still unpatched. What is Roundcube? Roundcube is a free and open-source web-based email client that’s … More →

The post Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113) appeared first on Help Net Security.

In this Help Net Security interview, Renana Friedlich-Barsky, EVP and CISO at LPL Financial, discusses how threat actors are targeting high-net-worth clients and exploiting digital touchpoints in wealth management. She explains why firms must embed security from the start to protect sensitive assets and ensure seamless, secure client experiences. How are threat actors evolving their tactics to target high-net-worth clients or exploit digital touchpoints in wealth management platforms? Threat actors are becoming more targeted and … More →

The post Balancing cybersecurity and client experience for high-net-worth clients appeared first on Help Net Security.

The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences are more complex. A compromise of genomic databases, for example, does not just expose personal health data. It can also leak proprietary genetic sequences that represent years of research and investment. These are not just privacy violations; they are breaches that can cripple a business’s future R&D pipeline. One example … More →

The post CISOs, are you ready for cyber threats in biotech? appeared first on Help Net Security.

fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that might point to malware, phishing, or other threats. fiddleitm features “I created fiddleitm because I needed a replacement for a similar project I ran for years using Fiddler. It needed to be cross platform compatible and highly extensible. This is a web proxy and debugging tool by … More →

The post fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic appeared first on Help Net Security.

Using the MITRE ATT&CK framework as a baseline, organizations are generally improving year-over-year in understanding security information and event management (SIEM) detection coverage and quality, but plenty of room for improvement remains, according to CardinalOps. MITRE ATT&CK enhances SOC visibility Founded in 2013, the framework’s underlying goal remains unchanged–to help defenders align their defenses and prepare to detect and prevent a wide range of tactics, techniques, and procedures (TTPs) observed in real-life attack scenarios. Mapping … More →

The post Enterprise SIEMs miss 79% of known MITRE ATT&CK techniques appeared first on Help Net Security.

In just 12 months, attackers attempted to steal more than $300 million via vendor email compromise (VEC), with 7% of engagements coming from employees who had engaged with a previous attack, according to Abnormal AI. Vendor email compromise risks increase with organization size Employees struggle to differentiate between legitimate messages and attacks, especially when those emails appear to come from a trusted vendor. Employees in the largest organizations, with workforces of 50,000 or more, had … More →

The post Employees repeatedly fall for vendor email compromise attacks appeared first on Help Net Security.

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: June 2025 Patch Tuesday forecast: Second time is the charm? Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit. Rethinking governance in a decentralized identity world Decentralized identity (DID) is gaining traction, and … More →

The post Week in review: Google fixes exploited Chrome zero-day, Patch Tuesday forecast appeared first on Help Net Security.

Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber criminals are using the botnet to perform ad fraud and click fraud. Access to and use of the compromised devices is also offered for sale through residential proxy services, which facilitate malware distribution, DDoS attacks, account takeover attacks, fake account creation, etc. “The Badbox 2.0 threat in particular is … More →

The post Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them? appeared first on Help Net Security.

Approximately 145 darknet and conventional internet domains, along with cryptocurrency funds linked to the BidenCash marketplace, have been seized by the U.S. Attorney’s Office for the Eastern District of Virginia. The operators of the BidenCash marketplace use the platform to simplify the process of buying and selling stolen credit cards and associated personal information. BidenCash seized after $17 million in illicit sales BidenCash commenced operations in March 2022. BidenCash administrators charged a fee for every … More →

The post 145 criminal domains linked to BidenCash Marketplace seized appeared first on Help Net Security.

Microsoft has been busy releasing more out-of-band (OOB) patches than usual throughout May. The May Patch Tuesday release of updates was typical in number of vulnerabilities addressed with 41 in both Windows 10 and 11, and their associated servers. They also did a great job finally fixing most of the reported issues that have been carried out for a while. But it appears something was not quite right, because there were some issues reported from … More →

The post June 2025 Patch Tuesday forecast: Second time is the charm? appeared first on Help Net Security.

Pathlock announced a major expansion of its SAP cybersecurity offerings, introducing a new portfolio of value-driven and easy-to-deploy SAP cybersecurity solutions, including a Free Edition. Designed to deliver maximum value and fast time-to-protection, the launch marks a significant step toward democratizing SAP security for organizations of all sizes. Meeting the urgent need for SAP cybersecurity As SAP ERP continues to serve as the digital core for thousands of enterprises worldwide, the need for easy, effective … More →

The post Pathlock helps organizations protect their SAP environments from development to deployment appeared first on Help Net Security.

Claroty announced new capabilities in its SaaS-based Claroty xDome platform that provide organizations with an impact-centric view of their CPS environment. The new additions, Device Purpose and Risk Benchmarking, allow users to see how the overall risk of an environment is affected by the processes involved in a device’s use – as production lines, building floors, hospital wings, and more – and prioritize risk reduction efforts based on potential impact to business outcomes, while bridging … More →

The post Claroty enhances xDome platform with Device Purpose and Risk Benchmarking capabilities appeared first on Help Net Security.

In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares advice on building trust in AI agents and integrating them into existing workflows.

The post Why IAM should be the starting point for AI-driven cybersecurity appeared first on Help Net Security.

Patient data is often stored or processed outside the country where it was collected. When that happens, the data falls under the laws of the country where it resides. Depending on those laws, local governments may have legal access to that data. For healthcare organizations and CISOs, knowing where data lives and who controls it is key to keeping it safe. The flow of medical data through foreign infrastructure Despite growing national security concerns and … More →

The post Protecting patient data starts with knowing where it’s stored appeared first on Help Net Security.

Ransomware, trojans, and malware delivered through USB devices are putting growing pressure on industrial systems, according to the Honeywell 2025 Cyber Threat Report, which draws on data from monitoring tools deployed across industrial sites around the world. The findings highlight persistent and serious risks to OT environments that keep critical infrastructure running. Findings from the Honeywell Advanced Monitoring and Incident Response (AMIR) service The numbers aren’t great Researchers recorded a 46 percent increase in ransomware … More →

The post Ransomware and USB attacks are hammering OT systems appeared first on Help Net Security.

Ransomware breaches continue to rise even as fewer victims pay, according to a Delinea report. 69% of organizations globally have fallen victim to ransomware, with 27% being hit more than once. While only 57% of organizations paid ransoms, down from 76% in 2024, the frequency and impact of attacks continued to grow as threat actors turned to other tactics like extortion, with 85% of ransomware victims threatened with exposure. Paying the ransom doesn’t always bring … More →

The post AI becomes key player in enterprise ransomware defense appeared first on Help Net Security.

Here’s a look at the most interesting products from the past week, featuring releases from Akamai, AttackIQ, Barracuda Networks, Bitdefender, Fortinet, Malwarebytes, and Varonis. Bitdefender unifies security, risk management, and compliance in a single platform Bitdefender announced GravityZone Compliance Manager, a new addition to its GravityZone platform that helps organizations reduce the burden of compliance and streamline audit readiness. The solution provides real-time visibility, automated remediation, audit-ready reports, and one-click compliance documentation fully integrated with … More →

The post New infosec products of the week: June 6, 2025 appeared first on Help Net Security.

Bitdefender announced GravityZone Compliance Manager, a new addition to its GravityZone platform that helps organizations reduce the burden of compliance and streamline audit readiness. Designed specifically for today’s complex regulatory landscape, the solution provides real-time visibility, automated remediation, audit-ready reports, and one-click compliance documentation fully integrated with Bitdefender endpoint security and risk analytics. “GravityZone Compliance Manager performed well for us during early access. The continuous monitoring and assessment feature reduced our reliance on manual scans, … More →

The post Bitdefender unifies security, risk management, and compliance in a single platform appeared first on Help Net Security.

Dynatrace is accelerating the generational shift in enterprise software development by extending the Dynatrace platform with agentic AI capabilities. Designed to predict and prevent disruptions, protect systems and data, and optimize operations autonomously, these advancements mark a new era of productivity and agility, fundamentally redefining how businesses manage digital transformation. Enterprise organizations are significantly increasing investment in AI to enhance productivity, particularly in software development. Despite these efforts, developers still spend up to 80% of … More →

The post Dynatrace extends platform with agentic AI capabilities appeared first on Help Net Security.

Fortinet has enhanced its data and productivity security portfolio, expanding FortiMail with the launch of the FortiMail Workspace Security suite. These new capabilities extend protection not only to email but also to browser and collaboration security. These advancements, combined with new features in FortiDLP, Fortinet’s data loss prevention (DLP) and insider risk management solution, deliver a unified, AI-powered approach to safeguarding users and sensitive data across today’s dynamic work environments. “Securing user productivity and sensitive data … More →

The post FortiMail Workspace Security expands protection beyond email to web and collaboration tools appeared first on Help Net Security.