Blog

CISA and partners take action as Microsoft Exchange security risks mount

In partnership with international cybersecurity agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) outlined security best practices for organizations that use on-premises versions of Microsoft Exchange Server. Microsoft Exchange servers are regularly targeted by threat actors, and Microsoft’s release of the final security updates for Exchange Server 2016 and 2019 earlier this month means many organizations will remain vulnerable unless they take steps to mitigate risks. “By restricting … More → The post CISA and partners take action as Microsoft Exchange security risks mount appeared first on Help Net Security.
http://news.poseidon-us.com/TP01pR

AI adoption will trim banking industry costs by up to 20%

The technology’s use will lead to short-term cost reductions for the banking sector, but savings won’t last long, according to McKinsey.
http://news.poseidon-us.com/TNzxHj

ImmuniWeb Continuous now enables always-on, AI-powered security testing

ImmuniWeb has unveiled an upgraded version of ImmuniWeb Continuous, designed for continuous penetration testing and 24/7 automated vulnerability scanning of web applications, APIs, and microservices. The new solution is a perfect fit for organizations that have more than ten web applications residing in various on-premise and cloud environments or being maintained by different teams. With ImmuniWeb Continuous, organizations can now implement an enterprise-wide and uninterrupted security testing, detection and prioritization of vulnerabilities and weaknesses in … More → The post ImmuniWeb Continuous now enables always-on, AI-powered security testing appeared first on Help Net Security.
http://news.poseidon-us.com/TNzsP7

Shadow AI: New ideas emerge to tackle an old problem in new form

Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe, Canada and Singapore, the report shows that over a quarter (27%) of the polled workers use AI-based applications that their employer did not buy or approve, and over a third (37%) follow company AI policies “most of the time”. … More → The post Shadow AI: New ideas emerge to tackle an old problem in new form appeared first on Help Net Security.
http://news.poseidon-us.com/TNzmXT

AI chatbots are sliding toward a privacy crisis

AI chat tools are taking over offices, but at what cost to privacy? People often feel anonymous in chat interfaces and may share personal data without realizing the risks. Cybercriminals see the same opening, and it may only be a matter of time before information shared in an AI chatbot conversation ends up in a major data leak. When workplace tools go unchecked Experts warn that users should stay alert when using platforms such as … More → The post AI chatbots are sliding toward a privacy crisis appeared first on Help Net Security.
http://news.poseidon-us.com/TNzmXR

You can’t audit how AI thinks, but you can audit what it does

In this Help Net Security interview, Wade Bicknell, Head, IT Security & Operations, CFA Institute, discusses how CISOs can use AI while maintaining security and governance. He explains why AI presents both defensive opportunities and emerging risks, and how leadership must balance innovation, control, and accountability in cybersecurity. How should a CISO be thinking about using, or guarding against, AI/ML systems internally (for fraud detection, threat hunting)? It’s a dual-sided challenge. Many emerging companies are … More → The post You can’t audit how AI thinks, but you can audit what it does appeared first on Help Net Security.
http://news.poseidon-us.com/TNzmWd

Passwordless adoption moves from hype to habit

With the average person juggling more than 300 credentials and credential abuse still the top attack vector, the password’s decline is long overdue. Across every major sector, organizations are changing how users log in, and new data shows the shift is picking up speed. The 2025 Dashlane Passkey Power 20 report, based on millions of anonymized web and mobile authentications, tracks which services are leading the move to passkeys worldwide. E-commerce takes the lead Retail … More → The post Passwordless adoption moves from hype to habit appeared first on Help Net Security.
http://news.poseidon-us.com/TNzjT0

The secret to audit success? Think like your auditor

In this Help Net Security video, Doug Kersten, CISO at Appfire, shares practical, experience-driven advice on how CISOs can avoid the most common mistakes when preparing for an audit. He breaks down what often frustrates auditors, why organization and clear communication make such a difference, and how to make your audit process smoother from start to finish. Kersten also explains how to train your teams so they know exactly what to say, what to avoid, … More → The post The secret to audit success? Think like your auditor appeared first on Help Net Security.
http://news.poseidon-us.com/TNzjSy

Infosec products of the month: October 2025

Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Akeyless, Axoflow, Blumira, Cayosoft, Confluent, Corelight, Elastic, Illumio, Legit Security, Netscout, NowSecure, Nozomi Networks, Palo Alto Networks, Picus Security, Privado, Radiflow, Rubrik, Semperis, TELUS, and ZEST Security. Picus Security uses AI to turn threat intelligence into attack simulations Picus Security launched new AI-powered breach and attack simulation (BAS) capabilities within the Picus Security Validation Platform. This introduces a new … More → The post Infosec products of the month: October 2025 appeared first on Help Net Security.
http://news.poseidon-us.com/TNzjRp