Application Security
Head of the U.S. government’s cybersecurity agency Jen Easterly introduced herself to the hacking community Thursday with a pledge to pursue transparent data sharing...
Hi, what are you looking for?
SecurityWeek
Artificial Intelligence
Palo Alto Networks has disclosed the details of its analysis of Google Cloud Platform’s Vertex AI.
Application Security
After validating stolen credentials using TruffleHog, the hacking group started AWS services enumeration and lateral movement activities.
Cloud Security
Phil Venables, former CISO of Google Cloud and now a venture partner at Ballistic Ventures, has joined Native’s board of directors.
Cloud Security
Google has completed its $32 billion acquisition of the cloud security giant, which will maintain its brand.
Application Security
Security engineers at Microsoft plan to rip out a key performance feature from the Edge browser in an experiment to better measure the tradeoffs...
Application Security
Prominent security practitioner Matt Tait kicked off the annual Black Hat security conference Wednesday with a call for platform vendors to make major technology...
Audits
Silicon Valley venture capital firm Advanced Technology Ventures (ATV) this week announced that personal information of some of its private investors was stolen in...
Application Security
New guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) provides information on the steps that...
Application Security
Nearly 40 cybersecurity-related mergers and acquisitions were announced in July 2021.
Application Security
Security researchers at Guardicore Labs are sharing details of a critical vulnerability in Hyper-V that Microsoft patched in May 2021.
Cloud Security
Foxit Software this week released security updates for its PDF Reader and PDF Editor applications, to address multiple vulnerabilities, including some leading to remote...
Application Security
The U.S. government and its allies are pleading with defenders to pay attention to gaping holes in perimeter-type devices, warning that advanced threat actors...
Cloud Security
Using ‘policy as code’ helps the security team to be a cloud highway builder rather than a cloud toll booth operator
Application Security
Google says it paid out more than $29 million in bug bounty rewards for vulnerability reports received over the past 10 years.
Application Security
Apple on Monday released a major security update with fixes for a security defect the company says “may have been actively exploited” to plant...
Application Security
Mozilla has completely removed support for the File Transfer Protocol (FTP) from the latest release of its flagship Firefox web browser.
Application Security
Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer.
Cloud Security
Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers (SOCs) and Cloud Intrusion...
Application Security
Google Cloud this week announced a new set of services aimed at help federal, state, and local government organizations in the United States to...
Application Security
After years of mostly sitting on the sidelines, Microsoft is starting to be aggressive with cybersecurity acquisitions.The world’s largest software company said Wednesday it...
Cloud Security
Researchers at industrial cybersecurity firm Claroty have identified a series of vulnerabilities that have enabled them to demonstrate how malicious actors could abuse cloud-based...
Application Security
Google announced recently that it has expanded the capabilities of Cloud Armor, a service that provides distributed denial of service (DDoS) protections and a...
Application Security
Microsoft on Monday announced that it secured a court order to take down numerous malicious homoglyph domains that a criminal group registered to impersonate...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)