Application Security
Google and Mandiant separately called attention to a dramatic surge in the discovery of in-the-wild zero-day attacks and warned that nation-state APT actors, ransomware...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
Application Security
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.
Cloud Security
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
Cloud Security
Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand.
Cloud Security
The United States is working on guidance and legislation that show the government is placing increasing importance on cloud security.
Application Security
Identity and access management tech firm Okta says it has concluded an investigation into the embarrassing Lapsus$ hacking incident and has severed ties with...
Application Security
An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations.
Application Security
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
Application Security
Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society.
Application Security
Cisco's enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user's microphone is muted in the software,...
Application Security
The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to...
Application Security
GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party...
Application Security
Threat hunters at Symantec have spotted signs that North Korea’s Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage...
Application Security
The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the...
Application Security
Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product,...
Audits
Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43...
Application Security
Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMware is warning that one of the flaws is being exploited...
Application Security
Microsoft has disrupted the operation of one of the most notorious cybercrime botnets and named a Crimean hacker as an alleged perpetrator behind the...
Application Security
Microsoft on Tuesday issued a warning for an in-the-wild zero-day attack hitting Windows users and raised eyebrows when it credited the U.S. government National...
Application Security
Adobe's security update engine revved into overdrive this month with the release of patches for at least 78 documented software vulnerabilities, some serious enough...
Application Security
OpenSSH has joined the high-stakes fight to protect data from quantum computers.The latest version of the widely used encryption and connectivity tool has been...
Application Security
Scope Security has announced the sudden passing of its founder and CEO Mike Murray, a longtime practitioner and executive who was deeply embedded in...
Application Security
Private equity firm Thoma Bravo's deep push into the cybersecurity market continued Monday with the announcement of plans to spend $6.9 billion to acquire...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)