Help Net Security

Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user install from an official and nominally safe online marketplace can escalate into full remote access. Huntress researchers found that it downloads a previously undocumented Windows remote access trojan (RAT) onto domain-joined machines, which are “typically corporate … More → The post Fake browser crash alerts turn Chrome extension into enterprise backdoor appeared first on Help Net Security.

Law enforcement agencies in Ukraine and Germany have identified two members of a Russian-affiliated ransomware group and carried out searches in western Ukraine. Search (Source: Cyber ​​Police of Ukraine) Investigators also named the alleged organizer, a Russian national, and placed him on an international wanted list through INTERPOL. Foreign law enforcement agencies said the individual may have connections to activity associated with the Conti ransomware operation. Technical roles inside the group According to investigators, the … More → The post Law enforcement tracks ransomware group blamed for massive financial losses appeared first on Help Net Security.

Keepnet launched its Agentic AI for Behavioral Microlearning solution, which moves success metrics from “completion rates” to behavior change and verifiable incident reduction. Agentic AI autonomously plans, creates, delivers, and optimizes training based on real-time risk data, eliminating manual intervention. Organizations using Keepnet’s Agentic AI frameworks have achieved up to a 47% reduction in human-driven incidents within 90 days, giving organizations measurable risk reduction while employees receive short, contextual coaching instead of extra courses. At … More → The post Keepnet bets on agentic AI behavioral training to curb security mistakes appeared first on Help Net Security.

The British Army has announced a new permanent base for its cyber regiment, backed by £279 million in government spending. The plan centres on 13 Signal Regiment, the unit responsible for defending Army networks and supporting cyber operations. The regiment will relocate to Duke of Gloucester Barracks in Gloucestershire, where new facilities will support cyber training, operations, and intelligence work. The site will also host the Army’s Cyber, Information and Security Operations Centre. “We are … More → The post British Army to spend £279 million on permanent cyber regiment base appeared first on Help Net Security.

SEON has unveiled the launch of its AI-powered Identity Verification solution, bringing ID verification, liveness detection and proof of address checks into its unified risk platform. SEON’s solution is built on more than 900 real-time fraud signals, helping organizations assess not just whether an ID is real, but whether the person can be confidently approved based on identity and risk signals. Most identity verification tools focus on validating documents, but lack the risk context needed … More → The post SEON Identity Verification combines KYC checks with real-time fraud intelligence appeared first on Help Net Security.

Cybersecurity is inseparable from geopolitics. Ongoing conflicts, sanctions, trade wars, geoeconomic rivalry, and technological competition have pushed state competition into cyberspace. States use cyber operations to exert pressure on rivals, enabling disruption without resorting to conventional weapons. Infrastructure vulnerabilities in a geopolitical context 72% of IT leaders worry that nation-state cyber capabilities could tip into a full-scale cyberwar, and that critical infrastructure would be hit hardest. Although the cause was not a cyberattack, the large-scale … More → The post Global tensions are pushing cyber activity toward dangerous territory appeared first on Help Net Security.

Rubrik announced Rubrik Security Cloud Sovereign, an offering that gives global organizations control over their data to support national security and operational continuity. Rubrik Security Cloud Sovereign gives customers the ability to maintain control over where data resides and who has access to it as regulations change. “Our customers have been clear about what they need,” said Anneka Gupta, Chief Product Officer at Rubrik. “They want certainty that no foreign entity, whether government or vendor, … More → The post Rubrik introduces Security Cloud Sovereign for data sovereignty and regulatory compliance appeared first on Help Net Security.

AI Strategy and Security is a guide for organizations planning enterprise AI programs. The book targets technology leaders, security professionals, and executives responsible for strategy, governance, and operational execution. It treats AI adoption as an organizational discipline that spans planning, staffing, security engineering, risk management, and ongoing operations. About the author Dr. Donnie W. Wendt is a Lecturer at Columbus State University and a distinguished AI and cybersecurity professional. He is the author of The … More → The post Review: AI Strategy and Security appeared first on Help Net Security.

Bytebase is a DevOps platform for managing database schema and data changes through a structured workflow. It provides a central place for teams to submit change requests, run reviews, and track executions across environments. The open-source edition is designed for organizations that want to run the software on their own infrastructure. Organizing work through change requests Bytebase structures activity around change requests. A request includes SQL statements, the target database, and the environment where the … More → The post Bytebase: Open-source database DevOps tool appeared first on Help Net Security.

The European Telecommunications Standards Institute (ETSI) has released a new European Standard that addresses a growing concern for security teams working with AI. The standard, ETSI EN 304 223, sets baseline cybersecurity requirements for AI models and systems intended for real-world use. Addressing security risks specific to AI ETSI EN 304 223 treats AI as a distinct category of technology from a security perspective. AI systems introduce risks tied to their data pipelines, model behavior, … More → The post A new European standard outlines security requirements for AI appeared first on Help Net Security.