Risk Management Archives

CONFERENCE Watch Now: Threat Detection & Incident Response (TDIR) Summit - Watch Event On-Demand

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

Risk Management

Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough

Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.

Stu Sjouwerman1 day ago

Management & Strategy

Tech Giants Propose Standard For End-of-Life Security Disclosures

The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.

Ryan NaraineApril 30, 2025

Network Security

How Do You Know If You’re Ready for a Red Team Partnership?

Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready.

Trevin EdgeworthApril 29, 2025

Risk Management

Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy

With over 12,000 breaches analyzed, this year’s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise.

Danelle AuApril 25, 2025

Application Security

White House Publishes Federal Zero Trust Strategy

Eduard KovacsJanuary 27, 2022

Application Security

Apple Patches ‘Actively Exploited’ iOS Security Flaw

Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may...

Ryan NaraineJanuary 26, 2022

Application Security

UK’s NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap

The U.K. government’s cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority...

Ryan NaraineJanuary 25, 2022

Application Security

PrinterLogic Patches Code Execution Flaws in Printer Management Suite

PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry "high...

Ionut ArghireJanuary 25, 2022

ICS/OT

Port of Los Angeles Launches Cyber Resilience Center

SecurityWeek NewsJanuary 25, 2022

Application Security

CISA Releases Final IPv6 Security Guidance for Federal Agencies

The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies.

Ionut ArghireJanuary 21, 2022

Cyber Insurance

Insurance and Fintech Firm Acrisure Launches Cyber Services Division

SecurityWeek NewsJanuary 21, 2022

Application Security

Prolific Chinese APT Caught Using ‘MoonBounce’ UEFI Firmware Implant

Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or...

Ryan NaraineJanuary 20, 2022

Application Security

NSA Authorized to Issue Binding Operational Directives to Boost NSS Cybersecurity

Eduard KovacsJanuary 20, 2022

Application Security

Project Zero: Zoom Platform Missed ASLR Exploit Mitigation

A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation,...

Ryan NaraineJanuary 19, 2022

Application Security

Multi-Factor Authentication Bypass Led to Box Account Takeover

A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without having access to the victim’s phone, according to...

Ionut ArghireJanuary 18, 2022

Risk Management

Cyber Insights 2022: Supply Chain

Kevin TownsendJanuary 18, 2022

Audits

Details Published on AWS Flaws Leading to Data Leaks

Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to...

Ionut ArghireJanuary 14, 2022

Application Security

FCC Chair Proposes New Policies for Carrier Data Breach Reporting

Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers’ reporting of data breaches.

Ionut ArghireJanuary 13, 2022

Application Security

Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws

Mozilla has released Firefox 96 with patches for 18 security vulnerabilities affecting its flagship web browser and the Thunderbird mail program.Of the newly patched...

Ionut ArghireJanuary 12, 2022

Cyberwarfare

U.S. Issues Fresh Warning Over Russian Cyber Threats as Ukraine Tensions Mount

Several U.S. government agencies have issued a joint cybersecurity advisory to provide an overview of cyber operations linked to Russia. The advisory comes as...

Eduard KovacsJanuary 12, 2022

ICS/OT

Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

Researchers from industrial cybersecurity firm Claroty and developer security company Snyk have analyzed more than a dozen URL parsing libraries and showed how inconsistencies...

Eduard KovacsJanuary 11, 2022

Cybercrime

U.S. Government Issues Warning Over Commercial Surveillance Tools

The U.S. State Department and the National Counterintelligence and Security Center (NCSC) on Friday issued a warning over the use of commercial surveillance tools.

Eduard KovacsJanuary 10, 2022

Application Security

Recorded Future Acquires SecurityTrails in $65M Deal

With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails,...

Ryan NaraineJanuary 5, 2022

Network Security

Defense Contractors Must do More to Conceal Their Attack Surface

The world is entering a new era dominated by the rise of peer competitors like China and Russia, who are increasingly exerting their geo-political...

Gordon LawsonJanuary 5, 2022

Page 16 of 100« First ‹ Previous 12 13 14 151617 18 19 20 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Risk Management

Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough

Management & Strategy

Tech Giants Propose Standard For End-of-Life Security Disclosures

Network Security

How Do You Know If You’re Ready for a Red Team Partnership?

Risk Management

Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy

Application Security

White House Publishes Federal Zero Trust Strategy

Application Security

Apple Patches ‘Actively Exploited’ iOS Security Flaw

Application Security

UK’s NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap

Application Security

PrinterLogic Patches Code Execution Flaws in Printer Management Suite

ICS/OT

Port of Los Angeles Launches Cyber Resilience Center

Application Security

CISA Releases Final IPv6 Security Guidance for Federal Agencies

Cyber Insurance

Insurance and Fintech Firm Acrisure Launches Cyber Services Division

Application Security

Prolific Chinese APT Caught Using ‘MoonBounce’ UEFI Firmware Implant

Application Security

NSA Authorized to Issue Binding Operational Directives to Boost NSS Cybersecurity

Application Security

Project Zero: Zoom Platform Missed ASLR Exploit Mitigation

Application Security

Multi-Factor Authentication Bypass Led to Box Account Takeover

Risk Management

Cyber Insights 2022: Supply Chain

Audits

Details Published on AWS Flaws Leading to Data Leaks

Application Security

FCC Chair Proposes New Policies for Carrier Data Breach Reporting

Application Security

Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws

Cyberwarfare

U.S. Issues Fresh Warning Over Russian Cyber Threats as Ukraine Tensions Mount

ICS/OT

Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion

Cybercrime

U.S. Government Issues Warning Over Commercial Surveillance Tools

Application Security

Recorded Future Acquires SecurityTrails in $65M Deal

Network Security

Defense Contractors Must do More to Conceal Their Attack Surface

Daily Briefing Newsletter

Trending

Virtual Event: Threat Detection and Incident Response Summit

Webinar: Cut Through the Noise: Why Context is a Secret Weapon in ASPM

People on the move

Expert Insights

Security Theater or Real Defense? The KPIs That Tell the Truth

Taming the Hacker Storm: Why Millions in Cybersecurity Spending Isn’t Enough

Is AI Use in the Workplace Out of Control?

Sharing Intelligence Beyond CTI Teams, Across Wider Functions and Departments

Rising Tides: Kelley Misata on Bringing Cybersecurity to Nonprofits

Daily Briefing Newsletter