Cloud Security
Israel-based startup Eureka on Wednesday announced emerging from stealth mode with a cloud data security posture management platform and $8 million in seed funding.
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
Application Security
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.
Cloud Security
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
Cloud Security
Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand.
Application Security
Microsoft’s first batch of patches for 2022 is a big one: 97 documented security flaws in the Windows ecosystem, some serious enough to cause...
Cloud Security
Research shows the “Great Resignation” phenomenon is accompanied by a “Great Exfiltration” as people leave their jobs and take company data with them
Application Security
Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, temporarily turning the reins of the popular encrypted messaging platform to WhatsApp...
Application Security
The Apache Software Foundation (ASF) is calling out for-profit companies leeching on open-source code, warning that “only a tiny percentage” of downstream vendors are...
Application Security
Threat hunters in the U.K.’s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits...
Application Security
The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers...
Application Security
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code...
Application Security
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails,...
Application Security
Enterprise anti-bot and fraud detection startup HUMAN Security has closed a new $100 million funding round and announced plans to expand into new product...
Application Security
Google has expanded its push into the lucrative cybersecurity business with a new deal to acquire Siemplify, a late-state Israeli startup selling SOAR (security...
Cloud Security
More than 100 real estate websites belonging to the same parent company were injected with web skimmer code via an unnamed cloud video platform.Increasingly...
Application Security
Hospitality chain McMenamins has confirmed that employee information dating back to January 1998 was compromised in a recent data extortion ransomware attack.
Application Security
Anti-malware giant CrowdStrike says it is using telemetry from Intel processors to help detect and thwart sophisticated software exploits that bypass traditional OS-based defenses.
Cloud Security
If not addressed in design and deployment, the risks with microservices can multiply since any application could be composed of hundreds of microservices
Application Security
Users of the popular LastPass password manager are being targeted in so-called “credential stuffing” attacks that use email addresses and passwords obtained from third-party...
Application Security
Security researchers at Check Point are publicly documenting the Equation Group APT's DoubleFeature, a component of DanderSpritz post-exploitation framework.
Application Security
Gabriel Weinberg’s DuckDuckGo is taking aim at the desktop browser market, betting that default privacy-centric settings will provide safer alternatives to Google’s Chrome and...
Application Security
The Apache Software Foundation has released a new version of its flagship web server to patch a pair of security defects, one serious enough...
Application Security
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate...
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
RegisterExpert Insights
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
(Steve Durbin)