Cybersecurity
Password crisis in healthcare: Meeting and exceeding HIPAA requirements – Help Net Security
In 2025, healthcare organizations are facing a new wave of password security risks. Recent data from the HIMSS Cybersecurity Survey reveals that 74% experienced at least one significant security incident over the last year. More than half of responders (52%) expect their IT budgets to grow in 2025. Notably, 55% of health systems plan to…
Shared secret: EDR killer in the kill chain
In today’s multi-stage attacks, neutralizing endpoint security solutions is a critical step in the process, allowing threat actors to operate undetected. Since 2022, we’ve seen an increase in the sophistication of malware designed to disable EDR systems on an infected system. Some of these tools are developed by ransomware groups. Others are purchased from underground…
Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability
ESET researchers have discovered a previously unknown vulnerability in WinRAR, being exploited in the wild by Russia-aligned group RomCom. This is at least the third time that RomCom has been caught exploiting a significant zero-day vulnerability in the wild. Previous examples include the abuse of CVE-2023-36884 via Microsoft Word in June 2023, and the combined…
⚡ Weekly Recap: NFC Fraud, Curly COMrades, N-able Exploits, Docker Backdoors & More
Aug 18, 2025Ravie LakshmananCybersecurity / Hacking News Power doesn’t just disappear in one big breach. It slips away in the small stuff—a patch that’s missed, a setting that’s wrong, a system no one is watching. Security usually doesn’t fail all at once; it breaks slowly, then suddenly. Staying safe isn’t about knowing everything—it’s about acting…
Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme – Krebs on Security
Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by security controls at these trading platforms that block users from wiring funds directly out of accounts, the phishers have pivoted to using multiple compromised brokerage…
9 hottest IT security certs for higher pay today
With change a constant, IT professionals looking to improve their careers can benefit from the latest insights into employers’ needs. Data from Foote Partners on the skills and certification most in demand today may provide helpful signposts. Analyzing more than 640 certifications as part of its 2Q 2025 “IT Skills Demand and Pay Trends Report,” Foote Partners…
How to write a data classification policy, with template | TechTarget
Organizations churn out vast amounts of data every day. Those without defined data classification processes risk not knowing where their data resides or if it’s properly protected. Let’s examine how to create a data classification policy that ensures data is described, located, secured and complies with domestic and global data protection standards and regulations….
How military leadership prepares veterans for cybersecurity success – Help Net Security
In this Help Net Security interview, Warren O’Driscoll, Head of Security Practice at NTT DATA UK and Ireland, discusses how military leadership training equips veterans with the mindset, resilience, and strategic thinking needed to excel in cybersecurity. Drawing on habits such as disciplined preparation, blunt honesty, and adaptive decision-making, veterans bring a blend of defensive…
August Patch Tuesday includes blasts from the (recent) past
Microsoft on Tuesday announced 109 patches affecting 16 product families. Eighteen of the addressed issues are considered by Microsoft to be of Critical severity, and 31 have a CVSS base score of 8.0 or higher, including a “perfect” 10.0 affecting Azure. None are known to be under active exploit in the wild, though two Windows…
How the always-on generation can level up their cybersecurity game
Digital natives are comfortable with technology, but may be more exposed to online scams and other threats than they think 12 Aug 2025 • , 5 min. read It’s International Youth Day on August 12, a moment to celebrate the contribution of young people to society. A big part of this contribution is digital, according…