SecurityWeek

Industry veteran Wendy Nather discusses cybersecurity leadership and the importance of amplifying others’ efforts for the common good.

VulnCheck finds hundreds of thousands of internet-accessible hosts potentially vulnerable to 2023’s top frequently exploited flaws.

Microsoft has seized 240 phishing-related websites and has disrupted the ONNX service, which the company says is run by an Egyptian man.

Gen-AI security startup Prompt Security has raised $18 million in a Series A funding round led by Jump Capital.

A Thai court dismissed a lawsuit brought by Jatupat Boonpattararaksa which alleged spyware made by NSO Group was used to hack his phone.

The company emerged from stealth mode in March 2022 and has been on a mission to help companies reduce compliance cost and handle time-consuming GRC tasks.

The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation.

Dazz, based in Israel, raised about $110 million from prominent investors like Greylock, Cyberstarts, Insight Partners and Index Ventures.

Microsoft debuts Quick Machine Recovery tool to apply fixes even when machines are unable to boot, without needing physical access.

The owners of the RSA Conference will make a $5 million investment a prerequisite for all 10 finalists at next year’s Innovation Sandbox.

MITRE has released an updated CWE Top 25 Most Dangerous Software Weaknesses list, with cross-site scripting (XSS) at the top.

Censys and Kaspersky publish ICS security reports looking into exposure to attacks and actual attacks suffered by industrial organizations.

Mexico’s president says the government is investigating a reported ransomware hack of the country's legal affairs office.

Finastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application.

Five alleged members of the Scattered Spider cybercrime group were charged for phishing and stealing millions in cryptocurrency.

Just like other technologies that have gone before, such as cloud and cybersecurity automation, right now AI lacks maturity.

Exploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069.

Trump promised in his presidential campaign platform to “repeal Joe Biden’s dangerous Executive Order that hinders AI Innovation, and imposes Radical Leftwing ideas on the development of this technology.”

Risk intelligence and cybersecurity solutions provider RIIG has raised $3 million in a seed funding round led by Felton Group.

Twine and its investors are betting on the idea of AI-powered “digital cyber employees” to handle mundane but critical security tasks.