Application Security
Security researchers at Claroty have raised the alarm for a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
Application Security
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.
Cloud Security
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
Cloud Security
Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand.
Application Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have shared new...
Application Security
Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker...
Application Security
Danish wind turbine giant Vestas Wind Systems has been hit by what appears to be a ransomware attack that took out parts of its...
Application Security
A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different...
Application Security
Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking...
Cloud Security
Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD).
Application Security
Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised...
Application Security
Google this week announced the availability of Chrome 96 in the stable channel with fixes for 25 security flaws, including 18 bugs reported by...
Audits
The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team.
Application Security
A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM)...
Audits
Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the...
Application Security
Microsoft says it has observed an increase in the use of HTML smuggling in malicious attacks distributing remote access Trojans (RATs), banking malware, and...
Application Security
Web security services provider Cloudflare says it mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps).
Application Security
Chipmakers Intel and AMD this week released patches for multiple security vulnerabilities in a wide range of product lines, including fixes for a series...
Application Security
A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) at risk...
Application Security
Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks.
Application Security
United States Vice President Kamala Harris on Wednesday formally announced support for the Paris Call for Trust and Security in Cyberspace, an international collaborative...
Application Security
Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.
RegisterExplore how attackers are using AI to scale threats and how security teams can respond with AI-driven defenses. Protecting against unmonitored use of generative AI (Shadow AI) in business units and building and enforcing AI governance frameworks.
RegisterExpert Insights
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)
The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose.
(Steve Durbin)