Application Security
Interpol on Monday announced the arrest of three Nigerians accused on using the Agent Tesla remote access trojan (RAT) in financial scams.
Hi, what are you looking for?
SecurityWeek
Application Security
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
Application Security
Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.
Application Security
Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors.
Application Security
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to...
Application Security
Forgepoint Capital, a venture capital firm focused on cybersecurity investments, is pumping $10 million into an early-stage startup created to provide incident response services...
Application Security
Bug hunters at Microsoft are calling attention to several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps, warning that exploitation...
Application Security
SYN Ventures, a Florida-based venture capital firm placing early-stage bets in cybersecurity startups, has closed a new $300 million fund and announced the addition...
Application Security
Boston, Mass.-based Tidelift, a company on a mission to address open source supply chain “health and security,” has raised $27 million in Series C...
Application Security
WhiteSource Changes Company Name to Mend
Application Security
Enterprise identity protection vendor Semperis has banked $200 million in a new round of funding. SecurityWeek has learned that the latest funding values the...
Application Security
LimaCharlie, a California company supplying tools to run an MSSP or SOC on a pay-as-you-use model, has attracted $5.45 million in seed round financing.
Application Security
Cornami, a company that helps organizations encrypt data to keep it safe from post-quantum threats, this week announced that it has raised $68 million...
Application Security
The Shadowserver Foundation has started scanning the internet for Kubernetes API servers and found roughly 380,000 that allow some form of access.ShadowServer is conducting...
Application Security
Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that...
Application Security
The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan’s foreign ministry, according to...
Application Security
BalkanID, a startup with ambitious plans to disrupt the Identity Governance and Administration (IGA) space, has banked $5.75 million in seed funding to help...
Application Security
Application security startup StackHawk today announced that it has raised $20.7 million in Series B funding, which brings the total investment in the company...
Application Security
Material Security, a startup jostling for space in the crowded email security market, has banked $100 million in new venture capital funding as investors...
Application Security
Vanity URLs offered by SaaS applications can be spoofed by malicious actors for phishing and social engineering, according to data security and analytics company...
Application Security
Microsoft on Tuesday released critical software updates to fix at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers...
Application Security
Software maker Adobe on Tuesday shipped patches to cover at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems...
Application Security
Platform-as-a-service company Heroku this week shared additional details on an April cyberattack that resulted in unauthorized access to multiple customers’ GitHub repositories.
Application Security
Code hosting platform GitHub on Wednesday said it would make it mandatory for software developers to use at least one form of two-factor authentication (2FA) by...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In a rapidly changing AI environment, CISOs are worried about investing in the wrong solution or simply not investing because they can’t decide what the best option is.
(Marc Solomon)
Adopting a layered defense strategy that includes human-centric tools and updating security components.
(Stu Sjouwerman)
A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late.
(Matt Honea)
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)