Security Architecture
A cyber-espionage group is abusing code-signing certificates stolen from Taiwan-based companies for the distribution of their backdoor, ESET reports.
Hi, what are you looking for?
SecurityWeek
Security Architecture
While the Security Posture Management buzz is real, its long-term viability depends on whether it can deliver measurable outcomes without adding more complexity.
Security Architecture
Which Security Testing Approach is Right for You: BAS, Automated Penetration Testing, or Both?
Security Architecture
A new GAO report assesses that the Coast Guard needs to improve Maritime Transportation System (MTS) cybersecurity.
Security Architecture
Google’s adoption of memory safe programming languages now includes the deployment of Rust in legacy low-level firmware codebases.
Management & Strategy
The UK government's Cabinet Office has published the first iteration of its Minimum Cyber Security Standard, which will be incorporated into the Government Functional...
Compliance
Senator Ron Wyden (D-Ore.) on Tuesday asked the chief information officer at the U.S. Department of Defense (DoD) to take immediate action to ensure...
ICS/OT
The U.S. Department of Energy this week announced its strategy to reduce cyber risks in the energy sector and outlined its goals, objectives and...
ICS/OT
Researchers at Kaspersky Lab have identified a significant number of vulnerabilities in the OPC UA protocol, including flaws that could, in theory, be exploited...
Audits
Attack simulation platform provider SafeBreach on Tuesday announced that it raised $15 million in a Series B funding round, bringing the total raised by...
Cybersecurity Funding
Regulus Cyber emerged from stealth mode this week with $6.3 million in funding and a solution designed to protect sensors, communications and data in...
Application Security
Team collaboration solutions provider Slack last week announced that one of the secure development lifecycle (SDL) tools used internally by the company has been...
Network Security
The Internet Society is expanding its Mutually Agreed Norms for Routing Security (MANRS) initiative from just autonomous systems (AS) networks to include internet exchange...
Endpoint Security
Microsoft on Thursday announced Windows Defender System Guard runtime attestation, a new Windows platform security technology set to roll out to all editions of...
Malware & Threats
The U.S. Food and Drug Administration (FDA) this week announced its medical device safety action plan, which includes seeking additional funding and authorities that...
Artificial Intelligence
IBM today announced the release of an open source software library designed to help developers and researchers protect artificial intelligence (AI) systems against adversarial...
Endpoint Security
Intel late on Monday announced two new security-related technologies, including a threat detection system and a framework for building protection into processors, and a...
Cybersecurity Funding
The United States Department of Energy (DOE) on Monday announced that it’s prepared to award up to $25 million for the research and development...
Incident Response
IBM has added intelligent orchestration capabilities to its Resilient incident response platform, and launched new threat and vulnerability management services as part of its...
Cloud Security
Container security firm StackRox announced this week that it has secured $25 million in a Series B funding round, bringing the total raised to...
Audits
The Industrial Internet Consortium (IIC) has developed a new IoT Security Maturity Model (SMM), building on its own security framework and reference architecture. This...
Application Security
Amazon Web Services (AWS) announced on Wednesday the launch of several tools and services designed to help customers manage their firewalls, use private certificates,...
Endpoint Security
Axonius emerged from stealth mode on Tuesday with a platform designed to help organizations identify and secure all the devices on their network by...
Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.
RegisterLearn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.
RegisterExpert Insights
In a rapidly changing AI environment, CISOs are worried about investing in the wrong solution or simply not investing because they can’t decide what the best option is.
(Marc Solomon)
Adopting a layered defense strategy that includes human-centric tools and updating security components.
(Stu Sjouwerman)
A strong AI deployment starts with asking the right questions, mapping your risks, and thinking like an adversary — before it’s too late.
(Matt Honea)
It’s time for enterprises to stop treating unmanaged devices as an edge case and start securing them as part of a unified Zero Trust strategy.
(Etay Maor)
Many security professionals feel pressured to pursue leadership roles, but success can also mean going deeper, not just higher.
(Joshua Goldfarb)