Compliance
The Linux Foundation’s Core Infrastructure Initiative (CII) announced this week the names of the projects that received badges as part of its best practices...
Hi, what are you looking for?
SecurityWeek
Compliance
The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC).
Compliance
TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States.
Compliance
Cyber regulations are where politics meets business – where business becomes subject to political realities.
Compliance
A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors.
Compliance
The PCI Security Standards Council (PCI SSC) has published the latest version of its data security standard to address increased threats and more sophisticated...
Compliance
Mozilla has decided to allow Symantec to issue nine new SSL certificates signed using the SHA-1 cryptographic hash function to payment processor Worldpay after...
Compliance
Asus has agreed to settle Federal Trade Commission (FTC) charges related to the Taiwan-based hardware and electronics company’s failure to secure its routers and...
Compliance
Like Many Security Technologies, Access Governance Won't Directly Drive More Revenue for a Business. So How Can You Deliver a Return on Governance?
Compliance
Software giant Oracle has agreed to settle with the U.S. Federal Trade Commission over charges that it deceived customers about the security of the...
Compliance
Stolen medical information is an issue that affects 18 out of 20 industries, making the problem more widespread than previously believed, Verizon’s 2015 Protected...
Compliance
The Payment Card Industry Security Standards Council (PCI SSC) has set a new deadline for when organizations that process payments should complete the migration...
Compliance
Cybersecurity Disclosure Act of 2015 Would Prioritize Cybersecurity at Public Companies Through SEC Disclosures
Compliance
Comodo admitted on Monday that it had mistakenly issued a total of eight digital certificates that did not comply with baseline requirements.
Application Security
Hackers breached the systems of anti-adblocking solutions provider PageFair and used the access to deliver malware via the publishers that rely on the company’s...
Compliance
Google is displeased with Symantec’s digital certificate issuance practices and has asked the security firm to step up its game in order to avoid...
Compliance
Following reports that the cost of breaking the SHA1 Internet security standard is lower than previously estimated, Mozilla is considering rejecting SHA1-based certificates half...
Compliance
The Linux Foundation’s Core Infrastructure Initiative (CII), a project that aims to bring technology companies together with the goal of identifying and funding critical...
Compliance
Several leading cybersecurity firms have formed a coalition whose goal is to prevent the U.S. Department of Commerce from adopting Wassenaar Arrangement regulations that could...
Compliance
The Payment Card Industry Security Standards Council (PCI SSC) announced this week an update to the Point-to-Point Encryption (P2PE) standard.
Compliance
Amazon has received nearly 1,000 information requests from government agencies in the first five months of 2015, according to the electronic commerce company’s bi-annual...
Compliance
More and more industry standards and regulations promote or even mandate that organizations apply the concept of “continuous compliance”. Continuous compliance includes the reconciliation...
Compliance
The PCI Security Standards Council published revisions to the Payment Application Data Security Standard (PA-DSS) this week to address concerns over the Secure Sockets...
Compliance
Adding Exploits to Wassenaar Is Bad for Security, Says the Industry
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
(Joshua Goldfarb)