Application Security
Google is sweetening the pot for bug bounty researchers finding and exploiting privilege escalation flaws in the Linux kernel.Over the next three months, Google...
Hi, what are you looking for?
SecurityWeek
Compliance
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
Compliance
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.
Compliance
Cyber regulations are where politics meets business – where business becomes subject to political realities.
Compliance
A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors.
Compliance
Signal says it can provide only a couple of timestamps in response to a grand jury subpoena for user data that it recently received...
Application Security
Minnesota-based IT management and software powerhouse HelpSystems expanded its year-long cybersecurity shopping spree with a new deal to acquire data loss prevention specialists Digital...
Application Security
A highly-critical vulnerability in a popular open-source CI/CD solution can be exploited to hijack sensitive secrets for downstream supply chain attacks, according to a...
Application Security
Google on Wednesday announced the Minimum Viable Secure Product (MVSP) initiative, partnering with some of tech's biggest names to create a vendor-neutral minimum baseline...
Application Security
The United States Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday announced the appointment of Washington Secretary of State Kim Wyman as its Senior...
Application Security
When FireEye (now Mandiant) disclosed the SolarWinds breach in December 2020, the security world was forced to accept the reality that given the motivation,...
Application Security
A new product seeks to solve the two primary security issues that come with moving to the cloud: the danger of accidental misconfigurations and...
Application Security
The open-source Mozilla Foundation says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web...
Compliance
Snapchat’s corporate parent disclosed Thursday that its ad sales are being hurt by a privacy crackdown that rolled out on Apple’s iPhones earlier this...
Application Security
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint...
Audits
A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning...
Compliance
Private data sharing solutions provider TripleBlind on Monday announced raising $24 million in an oversubscribed Series A funding round, which brings the total raised...
Application Security
At least 130 ransomware families were active in 2020 and in the first half of 2021, according to a recent data analysis from Google’s...
Audits
The Microsoft Patch Tuesday freight train for October rolled in with fixes for at least 71 security defects in Windows products and components and...
Application Security
At SecurityWeek's 2021 CISO Forum, a high-powered panel of experts discussed specific ways an SBOM can improve supply chain security and where expectations may be overblown. ...
Application Security
Mondoo, a startup that provides security tools for DevOps teams, has raised $15 million in funding ($12 million in a new Series A round,...
Cloud Security
Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.
Application Security
Private equity giant Symphony Technology Group (STG) this week announced the merger of McAfee Enterprise and the newly acquired FireEye Products into a single...
Application Security
Facebook's security team on Wednesday pulled the curtain on Mariana Trench, an open-source tool that it has been using internally to identify vulnerabilities in...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)