Kevin Townsend

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

CISO Conversations: Jaya Baloo From Rapid7 and Jonathan Trull From Qualys

CSOs Jaya Baloo and Jonathan Trull discuss the route, role, and requirements in becoming and being a successful CISO.

September 3, 2024

BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests

Cisco Talos has a blog post on the BlackByte ransomware group’s continuing evolution and new TTPs.

August 30, 2024

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...

August 27, 2024

China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches

Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level.

August 22, 2024

Understanding the ‘Morphology’ of Ransomware: A Deeper Dive

Ransomware isn't just about malware. It's about brands, trust, and the shifting allegiances of cybercriminals.

August 22, 2024

Why LinkedIn Developed Its Own AI-Powered Security Platform

An inside look at how LinkedIn developed an internal AI-assisted vulnerability management system to protect its massive infrastructure and user base.

August 21, 2024

National Public Data Says Breach Impacts 1.3 Million People

National Public Data (NPD) has confirmed suffering a data breach, but the company says the incident only affects 1.3 million people in the US.

August 19, 2024

Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy Amid Lawsuits

National Public Data (NPD) is at the center of controversy with allegations of a massive data breach involving 2.9 billion records. Despite media coverage...

August 14, 2024

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA

SecurityWeek spoke with Mike Britton, CISO at Abnormal Security, to understand what the company has learned about current social engineering and phishing attacks.

August 14, 2024

Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm

Many hackers trace their origin to an interest in, and early exposure to, computers. Tom Anthony is no different.

August 14, 2024

Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation

SecurityWeek speaks to Michael Osborne, CTO of IBM Quantum Safe, for a better understanding of the need for and principles of quantum safe cryptography.

August 13, 2024

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds

SaaS app log analysis highlights the rapid smash and grab raid: in, steal, and leave in 30 minutes.

August 8, 2024

Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions

In modern security parlance, ‘immutable’ has three primary associations: immutable servers, immutable backup, and immutable data.

August 8, 2024

Implement MFA or Risk Non-Compliance With GDPR

The UK Information Commissioner’s Office announced its intention to fine Advanced Computer Software Group £6.09 million.

August 7, 2024

Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication

The ransomware scourge is still growing and still successful for attackers, Rapid7’s Ransomware Radar Report 2024 shows.

August 7, 2024

Cost of Data Breach in 2024: $4.88 Million, Says Latest IBM Study

The average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike.

July 31, 2024

Massive OTP-Stealing Android Malware Campaign Discovered

Android malware can intercept and steal OTPs and login credentials, leading to complete account takeovers.

July 31, 2024

Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw

Researchers discovered and published details of an XSS attack that could potentially impact millions of websites around the world.

July 29, 2024

Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks

Zest Security emerged from stealth with $5 million funding and an AI-powered platform that resolves the root source of risk in the cloud.

July 24, 2024

Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident

Sygnia discovered what it believes to be a variant of the GhostEmperor infection chain leading to the Demodex rootkit – which was first seen...

July 24, 2024

SECURITYWEEK NETWORK:

ICS:

Kevin Townsend

CISO Conversations: Jaya Baloo From Rapid7 and Jonathan Trull From Qualys

BlackByte Ransomware Gang Believed to Be More Active Than Leak Site Suggests

When Convenience Costs: CISOs Struggle With SaaS Security Oversight

China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches

Understanding the ‘Morphology’ of Ransomware: A Deeper Dive

Why LinkedIn Developed Its Own AI-Powered Security Platform

National Public Data Says Breach Impacts 1.3 Million People

Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy Amid Lawsuits

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA

Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm

Post-Quantum Cryptography Standards Officially Announced by NIST – a History and Explanation

Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds

Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions

Implement MFA or Risk Non-Compliance With GDPR

Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication

Cost of Data Breach in 2024: $4.88 Million, Says Latest IBM Study

Massive OTP-Stealing Android Malware Campaign Discovered

Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw

Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks

Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident

Featured

Government

Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday

Vulnerabilities

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Artificial Intelligence

The AI Arms Race: Deepfake Generation vs. Detection

IoT Security

New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches

Cybercrime

Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified

Artificial Intelligence

Cyera Raises $540 Million to Expand AI-Powered Data Security Platform

Incident Response

Microsoft Patch Tuesday Covers WebDAV Flaw Marked as ‘Already Exploited’

Latest News

Management & Strategy

In Other News: Cloudflare Outage, Cracked.io Users Identified, Victoria’s Secret Cyberattack Cost

Malware & Threats

TeamFiltration Abused in Entra ID Account Takeover Campaign

Malware & Threats

SimpleHelp Vulnerability Exploited Against Utility Billing Software Users

Ransomware

Fog Ransomware Attack Employs Unusual Tools

Vulnerabilities

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Vulnerabilities

Critical Vulnerabilities Patched in Trend Micro Apex Central, Endpoint Encryption

Cybersecurity Funding

ZeroRISC Raises $10 Million for Open Source Silicon Security Solutions

Daily Briefing Newsletter