Application Security
Security researchers have spotted signs of the Necro Python botnet targeting a vulnerability in Visual Tools DVR systems to install a Monero miner on...
Hi, what are you looking for?
SecurityWeek
Application Security
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
Application Security
Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.
Application Security
Active since at least 2023, the hacking group has been targeting the financial, government, IT, logistics, retail, and education sectors.
Application Security
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to...
Application Security
The Linux Foundation has secured a new $10 million investment that will help expand and support the Open Source Security Foundation (OpenSSF).
Application Security
Technology giants Intel Corp. and VMware joined the Patch Tuesday parade this week, rolling out fixes for security defects that expose users to malicious...
Application Security
Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS.
Application Security
At SecurityWeek's 2021 CISO Forum, a high-powered panel of experts discussed specific ways an SBOM can improve supply chain security and where expectations may be overblown. ...
Application Security
Developers of Git GUI client GitKraken have addressed a vulnerability resulting in the generation of weak SSH keys, and they are prompting users to...
Application Security
Engineering company Weir Group has acknowledged it was the victim of a ransomware attack that will likely affect revenue for the third quarter of...
Application Security
Mondoo, a startup that provides security tools for DevOps teams, has raised $15 million in funding ($12 million in a new Series A round,...
Application Security
Threat hunters at ESET are training the spotlight on a previously undocumented UEFI bootkit capable of hijacking the EFI System Partition (ESP) to maintain...
Application Security
Microsec.ai on Tuesday emerged from stealth mode to deliver a Cloud Native Application Protection Platform (CNAPP) solution designed to protect cloud-native applications at runtime.The...
Application Security
Adaptive Shield, an Israeli cybersecurity startup that specializes in software-as-a-service (SaaS) application security, on Tuesday announced the closing of a $30 million Series A...
Application Security
Google last week pledged $1 million in financial support to the Secure Open Source (SOS) rewards program run by the Linux Foundation.The pilot program...
Application Security
Private equity giant Symphony Technology Group (STG) this week announced the merger of McAfee Enterprise and the newly acquired FireEye Products into a single...
Application Security
A threat group is distributing the little-known Sarwent Trojan via a fake website that impersonates Amnesty International and claims to deliver protection against the...
Application Security
Facebook's security team on Wednesday pulled the curtain on Mariana Trench, an open-source tool that it has been using internally to identify vulnerabilities in...
Application Security
Real-time user behavior analysis platform ForMotiv this week announced it has raised $6 million in a third seed funding round. The company has raised...
Application Security
Edge security and content delivery giant Akamai Technologies on Wednesday announced plans to spend $600 million to acquire Guardicore, an Israeli micro-segmentation technology startup.Akamai...
Application Security
Threat hunters at Kaspersky have intercepted a new cyberespionage implant being delivered via targeted DNS hijacking of government zones in Eastern Europe and published...
Application Security
A new ransomware family called Colossus has snagged at least one victim in the United States as of last week, according to security researchers...
Application Security
On its 20th anniversary, the Open Web Application Security Project (OWASP) released the final version of their revised Top 10 list of the most...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
(Trevin Edgeworth)
Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.
(Marc Solomon)
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)