Cloud Security
Cybersecurity firm Bishop Fox has announced the release of CloudFox, an open source tool designed to help find exploitable attack paths in cloud infrastructure.The...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
Application Security
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.
Cloud Security
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
Cloud Security
Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand.
Application Security
Microsoft on Tuesday warned that its security teams have detected zero-day exploitation of a critical vulnerability in its flagship Windows platform.
Application Security
Software maker Adobe has rolled out security fixes for at least 63 security vulnerabilities in a wide range of widely deployed Windows and macOS...
Application Security
Israeli startup Opus Security has banked $10 million in seed round funding to build technology for cloud security orchestration and remediation.Opus Security said the...
Cloud Security
Cloud data security company Theom has emerged from stealth mode with an oversubscribed $16.4 million seed funding round.
Application Security
Apple’s security response engine revved into high gear Monday with patches for security defects in a wide range of products, including fixes for a...
Cloud Security
Google on Tuesday announced the completion of its $5.4 billion all-cash acquisition of cybersecurity services and threat intelligence firm Mandiant (NASDAQ: MNDT). The deal...
Application Security
Microsoft has published an analysis of the ransomware attacks associated with a subgroup of the Iran-linked advanced persistent threat (APT) actor Phosphorus.
Application Security
Multiple Iranian hacking groups participated in a recent cyberattack targeting the Albanian government, according to new data from Microsoft's security research and response teams.
Application Security
Three U.S. government agencies -- Cybersecurity and Information Security Agency (CISA), the National Security Agency (NSA) and the Office of the Director of National...
Application Security
Managed detection and response (MDR) platform provider Huntress on Thursday announced the closing of a $40 million debt financing round to speed up global...
Cloud Security
Data security firm Open Raven today announced that it has raised $20 million in a Series B funding round that brings the total amount...
Application Security
Forty-one cybersecurity-related M&A deals were announced in August 2022.
Application Security
Cymulate, a late-stage Israeli startup in the breach and attack simulation space, has closed a $70 million Series D funding round led by existing...
Application Security
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Application Security
Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with poor security practices.While Symantec’s...
Application Security
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Application Security
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center...
Application Security
Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information.
Application Security
BalkanID, a Texas startup building technology in the Identity Governance and Administration (IGA) space, has added $2.3 million to its seed financing round, bringing...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)