News – Help Net Security

Google and its Mandiant threat intelligence unit have released AuraInspector, an open-source tool aimed at auditing data access paths in Salesforce Experience Cloud applications. The tool focuses on the Aura framework, which underpins many Salesforce user interfaces and plays a central role in how data is retrieved and displayed. Focus on Aura endpoints in Experience Cloud AuraInspector is designed to examine how Salesforce Aura endpoints expose data through standard application functions. Experience Cloud sites rely … More → The post AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations appeared first on Help Net Security.

Browser-in-the-Browser (BitB) phishing attacks are on the rise, with attackers reviving and refining the technique to bypass user skepticism and traditional security controls. BitB phishing: Dangerous and effective For BitB phishing, attackers create a pop-up window inside a real web page (browser) by using HTML, CSS, and JavaScript. The goal is to trick users into entering login credentials by making them believe they are on a legitimate login page. The technique is being used to … More → The post Browser-in-the-Browser phishing is on the rise: Here’s how to spot it appeared first on Help Net Security.

Canonical has released Minimal Ubuntu Pro images for use on public cloud platforms, aiming to give teams a smaller base image with a narrower software footprint. The solution is designed for organizations that want tighter control over what runs inside production cloud workloads. The image starts with a limited set of packages required to boot, connect, and support common cloud use cases. What Minimal Ubuntu Pro includes Minimal Ubuntu Pro is based on Ubuntu Pro, … More → The post Minimal Ubuntu Pro expands Canonical’s cloud security offerings appeared first on Help Net Security.

Parrot OS is a Debian-based Linux distribution built for cybersecurity work. Security practitioners use it for penetration testing, digital forensics, malware analysis, and privacy-focused research. The operating system bundles security tools, development utilities, and privacy features into a maintained platform used in labs, training environments, and day-to-day testing workflows. Current focus areas for the platform Parrot OS development continues to center on maintaining the core operating system and keeping bundled tools aligned with upstream projects. … More → The post Parrot OS shares its 2026 plans for security tools and platform support appeared first on Help Net Security.

Security teams are dealing with pressures tied to AI use, geopolitical instability, and expanding cybercrime that reach beyond technical controls, according to findings from the World Economic Forum’s Global Cybersecurity Outlook 2026. AI drives risk growth and defensive change Respondents view AI as accelerating change on both the defensive and offensive sides of cybersecurity. New AI driven tools help security teams process alerts, detect phishing, and respond to incidents faster. AI adoption also introduces weaknesses … More → The post Enterprise security faces a three-front war: cybercrime, AI misuse, and supply chains appeared first on Help Net Security.

In this Help Net Security interview, Liad Shnell, CISO and CTO at Rakuten Viber, discusses how messaging platforms have become critical infrastructure during crises and conflicts. He explains how it influences cybersecurity priorities, from encryption and abuse prevention to incident response and user protection. Shnell also outlines how Viber assesses and mitigates risks that blend technical threats with human behavior. Messaging platforms increasingly function as de facto critical infrastructure during crises and conflicts. How does … More → The post Rakuten Viber CISO/CTO on balancing encryption, abuse prevention, and platform resilience appeared first on Help Net Security.

In this Help Net Security video, Bryan Sacks, Field CISO at Myriad360, explains how security leaders can measure cybersecurity in ways that matter to executives and boards. He argues that metrics should support decisions, not exist for reporting alone. The discussion focuses on aligning security work with business priorities, especially those driven by CEOs and boards. Sacks walks through a practical example using AI as a business priority. He explains that once leadership decides to … More → The post Turning cyber metrics into decisions leaders can act on appeared first on Help Net Security.

Cybersecurity students show higher engagement when the work feels tangible. A new study from Airbus Cybersecurity and Dauphine University describes what happens when courses move beyond lectures and place students inside structured hacking scenarios, social engineering exercises, and competitive games. From theory fatigue to hands on pressure Cybersecurity courses often emphasize tools, frameworks, and technical controls. The study highlights that common incidents still involve human behavior. Phishing emails, weak password practices, policy shortcuts, and misplaced … More → The post Teaching cybersecurity by letting students break things appeared first on Help Net Security.

Technology shifts, policy decisions, and attacker behavior are changing at the same time, and their effects increasingly overlap. Insurers, brokers, and security teams are feeling that pressure across underwriting, claims, and risk management. A new global study by CyberCube examines how these changes are expected to influence cyber risk through 2026. AI moves from promise to practice AI remains a top priority across the insurance sector, though adoption still trails ambition. 82% of insurance leaders … More → The post What insurers expect from cyber risk in 2026 appeared first on Help Net Security.

CISO CSIRO | Australia | Remote – View job details As a CISO, you will lead and manage CSIRO’s cyber security strategy and program in alignment with the broader protective security framework. You will establish, maintain, and mature the information security governance framework, including the cyber policy suite, in line with regulatory and compliance requirements. Cyber Defence Specialist – Vulnerability Airbus Protect | France | Hybrid – View job details As a Cyber Defence Specialist … More → The post Cybersecurity jobs available right now: January 13, 2026 appeared first on Help Net Security.