Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been leveraging publicly available PoC exploit code. What can be done? CVE-2025-2825, affecting CrushFTP versions 10.0.0 through…
Tag: Help Net Security
Building a reasonable cyber defense program
If you do business in the United States, especially across state lines, you probably know how difficult it is to comply with U.S. state data privacy laws. The federal government and many U.S. state governments require you to implement “reasonable”…
Stellar Cyber Open Cybersecurity Alliance enhances threat detection and response
Stellar Cyber launched its Open Cybersecurity Alliance based on its award-winning Open XDR platform. This initiative streamlines security operations, improves interoperability, and enhances threat detection and response for enterprises and MSSPs. The new alliance challenges the idea that in order…
ExaGrid announces three models and additional security features in software version update
ExaGrid announced three new models: the EX20, EX81, and EX135 to its line of Tiered Backup Storage appliances, as well as the release of ExaGrid software version 7.2.0. ExaGrid tiered backup storage appliance models ExaGrid’s line of 2U appliances now…
LoftLabs vNode simplifies Kubernetes operations
LoftLabs launched vNode to redefine secure tenant isolation in Kubernetes. By introducing a new layer of virtualization on the node level, vNode ensures workloads remain fully isolated, allowing platform teams to enforce stricter security boundaries while optimizing shared infrastructure. On…
Attackers are probing Palo Alto Networks GlobalProtect portals
Cybersecurity company GreyNoise is warning about a significant increase of scanning activity targeting internet-facing Palo Alto Networks GlobalProtect portals in the last 30 days, and has urged organizations with exposed systems to secure them and look for signs of compromise.…
Why global tensions are a cybersecurity problem for every business
With global tensions climbing, cyber attacks linked to nation-states and their allies are becoming more common, sophisticated, and destructive. For organizations, cybersecurity can’t be treated as separate from world events anymore, they’re closely connected. Conflict between countries is spilling into…
The human side of insider threats: People, pressure, and payback
While cybercriminals are often in the spotlight, one of the most dangerous threats to your company might be hiding in plain sight, within your own team. Employees, contractors, or business partners who have access to sensitive information can use that…
How to build an effective cybersecurity simulation
Most people groan at the prospect of security training. It’s typically delivered through dull online videos or uninspiring exercises that fail to capture real-world urgency. To make a real difference in cyber crisis readiness, personnel need the opportunity to test…
Generative AI Is reshaping financial fraud. Can security keep up?
In this Help Net Security interview, Yinglian Xie, CEO at DataVisor, explains how evolving fraud tactics require adaptive, AI-driven prevention strategies. With fraudsters using generative AI to launch sophisticated attacks, financial institutions must adopt adaptive AI solutions to stay ahead.…