Is the remote IT worker you recently hired really who he says he is? Fake IT workers are slipping into companies around the world, gaining access to sensitive data. Recently, more of these schemes have been linked to North Korea.…
Category: Help Net Security
Cybersecurity jobs available right now: May 27, 2025
Application Security Engineer, SDO AppSec Amazon | EMEA | Hybrid – View job details As an Application Security Engineer, SDO AppSec, you will be responsible for creating, updating, and maintaining threat models across a diverse range of software projects. Part…
Why layoffs increase cybersecurity risks
A wave of layoffs has swept through the tech industry, leaving IT teams in a rush to revoke all access those employees may have had. Additionally, 54% of tech hiring managers say their companies are likely to conduct layoffs within…
LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks
LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection, goal hijacking,…
NIST proposes new metric to gauge exploited vulnerabilities
NIST has introduced a new way to estimate which software vulnerabilities have likely been exploited, and it’s calling on the cybersecurity community to help improve and validate the method. The new metric, “Likely Exploited Vulnerabilities” (LEV), aims to close a…
Cyber threats are changing and here’s what you should watch for
In this Help Net Security video, Stefan Tanase, Cyber Intelligence Expert at CSIS, gives an overview of how cybercriminals are changing their tactics, including using legitimate tools to avoid detection and developing more advanced info-stealing malware. Tanase also talks about…
AI forces security leaders to rethink hybrid cloud strategies
Hybrid cloud infrastructure is under mounting strain from the growing influence of AI, according to Gigamon. Cyberthreats grow in scale and sophistication As cyberthreats increase in both scale and sophistication, breach rates have surged to 55% during the past year,…
Week in review: Trojanized KeePass allows ransomware attacks, cyber risks of AI hallucinations
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Trojanized KeePass opens doors for ransomware attackers A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set…
Chinese cyber spies are using Ivanti EPMM flaws to breach EU, US organizations
CVE-2025-4427 and CVE-2025-4428 – the two Ivanti Endpoint Manager Mobile (EPMM) vulnerabilities that have been exploited in the wild as zero-days and patched by Ivanti last week – are being leveraged by a Chinese cyber espionage group that has been…
TikTok videos + ClickFix tactic = Malware infection
Malware peddlers are using TikTok videos and the ClickFix tactic to trick users into installing infostealer malware on their computers, Trend Micro researchers have warned. The videos are getting published by a number of TikTok user accounts, seem AI-made, and…