Incident Response
Elon Musk's lawyers jumped Wednesday on the revelations of a Twitter whistleblower to try to force the platform to surrender vast amounts of information...
Hi, what are you looking for?
SecurityWeek
Management & Strategy
The OpenEoX model proposes a shared data format that can be integrated into SBOMs, security advisories, and other ecosystem tools.
Network Security
Before engaging in a full-scope exercise, it’s important to assess whether your program, people and processes are truly ready.
Risk Management
With over 12,000 breaches analyzed, this year’s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise.
Cybersecurity Funding
Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million.
ICS/OT
Data collected by IBM shows that old and inconspicuous vulnerabilities affecting industrial products are commonly targeted in scanning activity seen by organizations that use...
Application Security
Healthcare services provider Novant Health has sent notifications to more than 1.3 million individuals that their protected health information (PHI) might have been inadvertently...
Management & Strategy
A cybersecurity analysis of hundreds of media industry vendors showed that many companies are slow to patch critical vulnerabilities, according to MDR and third-party...
Application Security
Apple on Wednesday rolled out emergency patches for a pair of already exploited zero-day vulnerabilities in its flagship macOS and iOS platforms.Apple confirmed in-the-wild...
Application Security
Enterprise software vendor Twilio (NYSE: TWLO) has been hacked by a relentless threat actor who successfully tricked employees into giving up login credentials that...
Cybersecurity Funding
New York-based cyber readiness and risk management firm Axio has raised $23 million in a Series B funding round led by ISTARI, with participation...
Application Security
Application Security
Virtualization technology giant VMware on Tuesday shipped an urgent, high-priority patch to address an authentication bypass vulnerability in its Workspace ONE Access, Identity Manager...
Application Security
Cybersleuths at Microsoft have found a link between the recent 'Raspberry Robin' USB-based worm attacks and EvilCorp, a notorious Russian ransomware operation sanctioned by...
Audits
A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned...
Cloud Security
Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements...
Application Security
A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there...
Application Security
An analysis of the evolution of cybercrime from its beginnings in the 1990s to its billion-dollar presence today has one overriding theme: the development...
Application Security
A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China's reported mandates around early vulnerability disclosure, warning...
Application Security
Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be...
Application Security
Microsoft has issued an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
Application Security
Software maker Adobe has rolled out a major security update for its flagship Acrobat and Reader products to fix at least 22 documented vulnerabilities,...
Application Security
Cybersecurity firm Emsisoft has released free decryptor tools for AstraLocker, a "smash-and-grab" ransomware family that was recently retired.
Cybercrime
Election officials preparing for the upcoming midterms face a myriad of threats, both foreign and domestic, as they look to protect voting systems and...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
Trying to block AI tools outright is a losing strategy. SaaS and AI are increasingly inseparable, and AI isn’t limited to tools like ChatGPT or Copilot anymore.
(Alastair Paterson)
CTI, digital brand protection and other cyber risk initiatives shouldn’t only be utilized by security and cyber teams.
(Marc Solomon)
Sightline Security’s founder explains why nonprofits need cybersecurity solutions tailored to their unique missions — and why vendors need to listen.
(Jennifer Leggio)
By taking immediate actions, organizations can ensure that shadow AI is prevented and used constructively where possible.
(Etay Maor)
Year of the Twin Dragons: Developers Must Slay the Complexity and Security Issues of AI Coding Tools
The advantages AI tools deliver in speed and efficiency are impossible for developers to resist. But the complexity and risk created by AI-generated code can’t be ignored.
(Matias Madou)