Compliance
The U.S. Department of Homeland Security has published the National Cyber Incident Response Plan (NCIRP), which aims to describe the government’s approach in dealing...
Hi, what are you looking for?
SecurityWeek
Compliance
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
Compliance
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.
Compliance
Cyber regulations are where politics meets business – where business becomes subject to political realities.
Compliance
A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors.
Compliance
GoDaddy informed customers this week that it has revoked nearly 9,000 SSL certificates after discovering a software bug that made its domain validation process...
Compliance
Connectivity solutions provider D-Link Systems has retained the Cause of Action Institute to help it fight against the “unwarranted and baseless” charges brought by...
Compliance
The U.S. Federal Trade Commission (FTC) has filed a lawsuit against Taiwan-based networking equipment provider D-Link, accusing the company of making deceptive claims about...
Compliance
New York State Department of Financial Services (DFS) has published its revised proposal for what it calls a 'first-in-the-nation cybersecurity regulation' for New York...
Compliance
The U.S. Food and Drug Administration (FDA) has released guidance on the postmarket management of cybersecurity for medical devices, encouraging manufacturers to implement security...
Application Security
Apple informed iOS developers this week that it has decided to give them more time to ensure that their applications communicate over a secure...
Compliance
On November 1, 2016, the latest version of the Payment Card Industry Data Security Standard (PCI DSS 3.2) took effect. The PCI DSS 3.2...
Cloud Security
On average, an enterprise now uses 1,427 cloud services. Seventy-one percent of these are enterprise services, with the remainder being consumer services. The average...
Compliance
Attorneys general in over a dozen U.S. states announced on Thursday that they reached a $1 million settlement with Adobe Systems over the massive...
Compliance
Google announced on Monday that it has decided to distrust certificates from WoSign and StartCom due to their failure to maintain the high standards...
Compliance
PCI DSS version 3.1 will be retired on October 31, 2016, with version 3.2 being the only valid version beginning the 1st of November....
Compliance
Mozilla has decided to revoke trust in new WoSign and StartCom certificates, despite the steps taken by the companies in an effort to address...
Compliance
Following Mozilla’s proposal to ban its certificates for at least one year and Apple’s decision to revoke trust in its certificates, Chinese certificate authority...
Compliance
The Information Commissioner’s Office (ICO) in the U.K. has handed a record fine to telecoms company TalkTalk for the data breach suffered in October...
Compliance
After Mozilla announced that it might ban new certificates issued by Chinese certificate authority (CA) WoSign and its subsidiary StartCom for at least one...
Compliance
Following the discovery of several major problems, Mozilla has proposed that certificates issued by Chinese certificate authority (CA) WoSign and its subsidiary StartCom be...
Compliance
Twitter, Dropbox, Uber and several other major tech companies have joined forces and launched the Vendor Security Alliance (VSA), a coalition whose goal is...
Compliance
A report published this week by the U.S. House of Representatives Committee on Oversight and Government Reform said the data breaches disclosed by the...
Application Security
Security researchers are seeing evidence that up to 36 global organizations have been hacked via exploits against a vulnerability in SAP Business Applications that...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)