Management & Strategy
Microsoft is dropping a lawsuit against the US government after the Department of Justice issued new rules limiting the use of secrecy orders that...
Hi, what are you looking for?
SecurityWeek
Management & Strategy
Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook...
Artificial Intelligence
The company topped revenue and earnings forecasts for the first quarter of 2026, but its shares plunged more than 20%.
Cyberwarfare
Securing national resilience now depends on faster, deeper partnerships with the private sector.
Management & Strategy
A summary of the announcements made by vendors on the third and fourth days of the RSAC 2026 Conference.
Audits
Britain's financial watchdog on Tuesday said it was investigating a massive hack of the US consumer credit rating service Equifax that affected potentially almost...
Endpoint Security
Many industrial and critical infrastructure systems are connected to the Internet, and the operational technology (OT) networks of some organizations have already been compromised,...
Cybersecurity Funding
Security awareness training and simulated phishing firm KnowBe4 has secured $30 million in Series B financing led by Goldman Sachs Growth Equity (GS Growth),...
Compliance
The proposed European Union ePrivacy Regulation is on the verge of entering Trilogue. Trilogue is the series of informal discussions involving the European Parliament,...
Application Security
Kaspersky Lab announced on Monday the launch of a new Global Transparency Initiative whose goal is to help the company clear its name following...
ICS/OT
The Department of Homeland Security and Federal Bureau of Investigation have issued a joint technical alert warning that government entities and organizations in the...
Audits
The growing acceptance that it is impossible to detect and block all malware at the perimeter requires some form of response to malware post-breach....
Data Protection
Over 60% of Sites Loaded via Chrome Use HTTPS, Says GoogleThe number of websites that protect traffic using HTTPS has increased considerably in the...
ICS/OT
With growing concern over nation-state cyber attacks comes an increasing need to secure the critical infrastructure. In the Quadrennial Energy Review published in January...
Management & Strategy
Contracting giant Booz Allen is to acquire cybersecurity firm Morphick. Few details have been made public -- there is no statement on the price...
Data Protection
The acceptance and adoption of biometrics as a primary or second factor in multi-factor authentication has been considerably slower than expected. There are signs...
Identity & Access
Google has taken yet another step toward improving the security of its users by making Google prompt the primary choice for 2-Step Verification (2SV),...
Audits
Canada’s Communications Security Establishment (CSE) agency announced this week that the source code for one of its malware detection and analysis tools has been...
Application Security
Google announced on Thursday that it’s prepared to offer a bonus of $1,000 to researchers who find serious vulnerabilities in some of the popular...
Application Security
A newly discovered hooking technique can go completely undetected by the current implementation of PatchGuard, CyberArk security researchers warn.
Data Protection
The U.S. Department of Homeland Security (DHS) recently ordered all federal agencies to start using DMARC, but currently only a small percentage have fully...
Application Security
Microsoft has disclosed the details of a remote code execution vulnerability found by its employees in the Chrome web browser. Google patched the flaw...
Management & Strategy
In my previous column, I highlighted the incredible urgency around creating a strategy and executing on it—maniacally. Of course, it’s never that simple, is...
Management & Strategy
While October is National Cyber Security Awareness Month (NCSAM) in the U.S., security awareness is a quaint idea when the news is regularly full...
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
RegisterExpert Insights
Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures.
(Tod Beardsley)
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
(Joshua Goldfarb)
AI-driven development is not something organizations can or should block. But it must be governed.
(Danelle Au)
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
(Etay Maor)
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
(Nadir Izrael)