Cloud Security
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
Hi, what are you looking for?
SecurityWeek
Cloud Security
VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
Cloud Security
Orca positioned the deal as an expansion of its capabilities into the realm of AI-based autonomous remediation and prevention.
Cloud Security
Misconfigured Apache Pinot instances can and have enabled threat actors to gain access to sensitive information.
Cloud Security
San Francisco identity security play Veza closes a Series D fund round led by New Enterprise Associates (NEA).
Cloud Security
Amazon is rolling out an independent cloud for Europe as it looks to address strict regulations that companies and those in the public sector...
Application Security
Michigan startup raises $75 million in new funding as venture capital investors bet big on attack surface management technologies.
Cloud Security
VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.
Cloud Security
Since 2020, Island has raised a total of $325 million to help protect corporate data flowing through SaaS and internal web applications.
Cloud Security
Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.
Cloud Security
GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services.
Cloud Security
The widely believed notion that the network and the cloud are two different and distinct entities is not true.
Cloud Security
AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.
Cloud Security
Sysdig enhanced its existing CNAPP offering with a cloud attack graph, risk prioritization, attack path analysis, a searchable inventory, and complete agentless scanning.
Cloud Security
Israeli security startup Gem Security has raised a total of $34 million to tackle cloud threat detection and incident response.
Cloud Security
Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services.
Application Security
The cash-and-stock transaction provides capabilities for CrowdStrike to beef up its enterprise cloud security portfolio.
Artificial Intelligence
Exposed data includes backup of employees workstations, secrets, private keys, passwords, and over 30,000 internal Microsoft Teams messages.
Cloud Security
A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster.
Cloud Security
Orca Security details eight XSS vulnerabilities in Azure HDInsight that could lead to information leaks, session hijacking, and payload delivery.
Cloud Security
Maryland startup scores $8.5 million in seed-stage funding to compete in the Identity Threat Detection and Response (ITDR) category.
Artificial Intelligence
The US Department of Energy gives $39 million in funding for nine projects to advance the cybersecurity of distributed energy resources.
Cloud Security
The next time you see CNAPP, CASB, WAAS, CSPM or many of the other phrases, it will be helpful to take a deep breath...
Cloud Security
Microsoft reveals how a crash dump from 2021 inadvertently exposed a key that Chinese cyberspies later leveraged to hack US government emails.
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
(Stu Sjouwerman)
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)