The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), an initiative under the NIS2 Directive aimed at enhancing digital security across the EU. The database serves as a centralized repository offering aggregated and actionable information…
Tag: Help Net Security
Ransomware spreads faster, not smarter
The fall of two of the most dominant ransomware syndicates, LockBit and AlphV, triggered a power vacuum across the cybercriminal landscape, acccording to a Black Kite survey. In their place, dozens of new actors emerged, many of them lacking the…
Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
On May 2025 Patch Tuesday, Microsoft has released security fixes for 70+ vulnerabilities, among them five actively exploited zero-days and two publicly disclosed (but not exploited) vulnerabilities. The zero-days and the publicly disclosed flaws Among the zero-days patched is a…
Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
Fortinet has patched a critical vulnerability (CVE-2025-32756) that has been exploited in the wild to compromise FortiVoice phone / conferencing systems, the company’s product security incident response team has revealed on Tuesday. About CVE-2025-32756 CVE-2025-32756 is a stack-based overflow vulnerability…
Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
Attackers have exploited vulnerabilities in open-source libraries to compromise on-prem Ivanti Endpoint Manager Mobile (EPMM) instances of a “very limited” number of customers, Ivanti has confirmed on Tuesday, and urged customers to install a patch as soon as possible. “The…
Lenovo intoduces ThinkShield Solutions to secure organizations with limited IT resources
Lenovo introduced ThinkShield Solutions, security offerings tailored to protect small and medium sized business (SMBs), schools, and other organizations with limited IT resources facing significant risks. The new offering is part of Lenovo ThinkShield’s portfolio of enterprise-grade cybersecurity solutions. Cybercriminals…
Tufin TOS Discovery automates device discovery and onboarding
Tufin launched Tufin Orchestration Suite (TOS) Discovery, a new solution that helps security teams ensure their network topology is always accurate and up-to-date. Maintaining up-to-date network topology is a crucial task – one that enables proper enforcement of security policies…
Product showcase: Go beyond VPNs and Tor with NymVPN
If you care about online privacy, you probably already know: Centralized VPNs and even Tor aren’t enough anymore. Traditional VPNs require you to trust a single company with your internet activity. Even if they promise “no logs,” you’re still handing…
DefectDojo boosts unified vulnerability management
DefectDojo launched risk-based prioritization capabilities for DefectDojo Pro. This new feature enables application and infrastructure security teams to prioritize vulnerabilities based on real-world risk—not just severity scores—using a range of factors including exploitability, reachability, revenue impact, potential compliance penalties, user…
CISOs must speak business to earn executive trust
In this Help Net Security interview, Pritesh Parekh, VP, CISO at PagerDuty talks about how CISOs can change perceptions of their role, build influence across the organization, communicate risk in business terms, and use automation to support business goals. What…