Cloud Security
Microsoft’s aggressive push to ferret out security problems in the firmware powering IoT devices took on new urgency this week with the acquisition of...
Hi, what are you looking for?
SecurityWeek
Risk Management
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
Management & Strategy
The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.
Network Security
Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready.
Risk Management
With over 12,000 breaches analyzed, this year’s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise.
Application Security
The ongoing multi-vendor investigations into the SolarWinds mega-hack took another twist this week with the discovery of new malware artifacts that could be used...
Application Security
Accellion failed to notify customers of a zero-day vulnerability in its file transfer application (FTA) and related cyber-attacks targeting the security flaw, according to a...
Application Security
Exploits for vulnerabilities in Microsoft’s Office suite were the most popular among cyber-attackers during the first quarter of this year, according to a new...
Application Security
Exabeam, a late-stage startup in the data analytics and SIEM space, has landed a new $200 million funding round that values the company at...
Application Security
Looking to build stronger responses against cyberattacks in the Asia Pacific (APAC) region, Microsoft on Monday announced the creation of a cybersecurity council for the public...
Risk Management
US troops charged with guarding nuclear weapons in Europe used popular education websites to create flash cards, exposing their exact locations and top-secret security...
Application Security
The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain.
Application Security
Japan's Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider...
Compliance
U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the...
M&A Tracker
Timely response and proactive investigation can help lessen the potential negative impact poor cyber hygiene can have on a business acquisition
Risk Management
Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that...
Risk Management
John Lambert, GM at the Microsoft Threat Intelligence Center, will provide a keynote at SecurityWeek's Threat Intelligence Summit on May 26th at 12PM ET.
Cloud Security
In the merry-go-round world of InfoSec technologies and “what’s old is new again,” this year we should include Attack Surface Management with a dash...
Management & Strategy
Research and advisory giant Gartner predicts that global security and risk management spending will exceed $150 billion this year.The company forecasts that information security...
Application Security
Colonial Pipeline chief executive Joseph Blount has confirmed the company shelled out $4.4 million to purchase a decryption key to recover from the disruptive...
ICS/OT
More than a dozen U.S. lawmakers led by Rep. Emanuel Cleaver (D-MO) have reintroduced the Pipeline Security Act, whose goal is to aid the...
Application Security
Cloud-native authorization provider Styra on Tuesday announced that it closed a $40 million Series B funding round. To date, the company has raised more...
Cloud Security
The 2021 edition of the RSA Conference started on Monday, May 17, and this year the event is fully virtual.
Cybersecurity Funding
Private equity giant KKR leads investment to fuel growth of enterprise penetration testing firmNetSPI, a provider of enterprise penetration tools and services, has raised...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In the end, cybersecurity isn’t just about collecting data. It’s about proving that your defenses actually work.
(Torsten George)
Despite massive investment, the explosion of sophisticated malware and deepfake attacks persists because organizations struggle to verify digital identities and establish fundamental trust.
(Stu Sjouwerman)
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)