Application Security
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Maze and its investors are betting on finding profits in software that uses AI-powered agents to automate critical parts of the process.
Application Security
Security researchers uncover critical flaws and widespread misconfigurations in Salesforce’s industry-specific CRM solutions.
Application Security
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to...
Cloud Security
As cloud security spending surges to $111 billion, new data highlights Microsoft's dominance, the U.S. market's outsized role, and Google's strategic acquisition of Wiz.
Application Security
Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with poor security practices.While Symantec’s...
Application Security
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Application Security
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center...
Application Security
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information.
Application Security
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing...
Cloud Security
The attacks disclosed recently by Twilio and Cloudflare were part of a massive phishing campaign that targeted at least 130 other organizations, according to...
Application Security
Popular streaming media platform Plex is scrambling to reset user passwords after a database hack that included the theft of emails, usernames, and encrypted...
Application Security
Virtualization technology software giant VMware on Tuesday released patches to fix an important-severity security flaw in the VMware Tools suite of utilities.The vulnerability, tracked...
Application Security
Remote code execution vulnerability fixed in GitLab Community Edition (CE) and Enterprise Edition (EE) updates.
Application Security
Healthcare services provider Novant Health has sent notifications to more than 1.3 million individuals that their protected health information (PHI) might have been inadvertently...
Application Security
The Federal Bureau of Investigation (FBI) has raised an alarm for cybercriminals using proxies and configurations to hide and automate credential stuffing attacks against...
Application Security
TXOne Networks, a joint venture between cybersecurity firm Trend Micro and industrial networking solutions provider Moxa, has banked $70 million in new venture capital...
Application Security
Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.Apple confirmed in-the-wild...
Application Security
Trend Micro’s Zero Day Initiative, a major player in the vulnerability disclosure ecosystem, is ramping up the pressure on software vendors that consistently ship...
Application Security
Microsoft on Monday announced another major disruption of an APT actor believed to be linked to the Russian government, cutting off access to accounts...
Cloud Security
Google is once again boosting the maximum bounty payouts for Linux vulnerabilities reported as part of its open-source Kubernetes-based capture-the-flag (CTF) vulnerability rewards program...
Application Security
Hundreds of companies and organizations showcased their products and services this week at the 2022 edition of the Black Hat conference in Las Vegas.
Cloud Security
The threat actor that recently breached Twilio systems also targeted Cloudflare, and a few of the web security company’s employees fell for the phishing...
Cloud Security
IBM on Monday announced patches for multiple high-severity vulnerabilities impacting products such as Netezza for Cloud Pak for Data, Voice Gateway, and SiteProtector.
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)
AI is transforming the cybersecurity landscape—empowering attackers with powerful new tools while offering defenders a chance to fight back. But without stronger awareness and strategy, organizations risk falling behind.
(Trevin Edgeworth)
Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.
(Marc Solomon)
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)