Incident Response
Offensive Security does not focus on discreet attacks, singular actors, or Indicators of compromise, but understands the entirety of both sides of the battlefield.
Hi, what are you looking for?
SecurityWeek
Incident Response
DaVita has not named the ransomware group behind the incident or share details on the attacker’s ransom demands.
Incident Response
The business services provider confirms personal information such as names and Social Security numbers was stolen in a January cyberattack.
Incident Response
The CVE-2025-22457 has already been exploited by a China-nexus hacking gang notorious for breaking into edge network devices.
Cybersecurity Funding
French cybersecurity startup Qevlar AI has raised $10 million in a funding round led by EQT Ventures and Forgepoint Capital International.
Incident Response
A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost.
CISO Strategy
Organizations must recognize that security is not about the number of tools deployed, it is about ensuring those tools effectively disrupt the attack chain...
CISO Strategy
Industry commentary on the SEC lawsuit against SolarWinds and its CISO over cybersecurity and risk handling practices before the massive hack that came to...
Incident Response
The CVSS vulnerability scoring standard is refreshed to provide more data and remove ambiguities in rating the severity of downstream issues.
Incident Response
MITRE announces the release of ATT&CK v14, which brings enhancements related to detections, ICS, and mobile.
CISO Strategy
The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.
Cloud Security
VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.
Data Protection
Adlumin, a startup working on technology to boost security for mid-market firms, has banked $70 million in new funding led by SYN Ventures.
Cyberwarfare
Microsoft says an APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure.
Incident Response
Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks.
Data Breaches
The fundraising software company Blackbaud has agreed to pay $49.5 million to settle claims brought by the attorneys general of 49 states and Washington,...
Cloud Security
Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted.
Incident Response
Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure.
Artificial Intelligence
With unapproved AI tools entrenched in daily workflows, experts say it’s time to shift from monitoring to managing Shadow AI use across the enterprise.
Vulnerabilities
Vulnerabilities
Malware & Threats
Data Breaches
Cybercrime
Noteworthy stories that might have slipped under the radar: 4chan hacked, auto-reboot security feature coming to Android, Iranian administrator of Nemesis charged in US.
Cybersecurity Funding
Data Breaches
Data Breaches
Vulnerabilities
