CB News

AI in risk management: Top benefits and challenges explained

Tue, 15 Jul 2025 17:23:00 +0000

AI can improve the speed and effectiveness of risk management strategies. Here are the potential benefits, use cases and challenges your organization needs to know about.

How to perform a cybersecurity risk assessment in 5 steps

Wed, 09 Jul 2025 00:00:00 +0000

When assessing cybersecurity risk, be sure to consider the scope of the project, your organization's specific assets and leadership's tolerance for risk.

What is a CISO as a service (CISOaaS)?

Wed, 09 Jul 2025 00:00:00 +0000

CISO as a service, or CISOaaS, is the outsourcing of CISO (chief information security officer) and information security leadership responsibilities to a third-party provider.

Microsoft targets 130 vulnerabilities on July Patch Tuesday

Tue, 08 Jul 2025 20:43:00 +0000

Admins will want to focus on issuing corrections for the large number of flaws, some of which require no user interaction, in Windows RRAS and Microsoft Office.

News brief: LOTL attacks, spoofed sites, malicious repositories

Fri, 20 Jun 2025 14:57:00 +0000

Check out the latest security news from the Informa TechTarget team.

What is a time-based one-time password?

Mon, 02 Jun 2025 00:00:00 +0000

A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors.

What is security?

Fri, 30 May 2025 16:15:00 +0000

Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets.

News brief: Week's top breaches stem from third-party attacks

Fri, 30 May 2025 15:56:00 +0000

Check out the latest security news from the Informa TechTarget team.

What is a passkey?

Wed, 21 May 2025 12:00:00 +0000

A passkey is an alternative user authentication method that eliminates the need for usernames and passwords.

News brief: Patch critical SAP, Samsung and chat app flaws now

Fri, 16 May 2025 17:43:00 +0000

Check out the latest security news from the Informa TechTarget team.

What is penetration testing?

Wed, 14 May 2025 09:00:00 +0000

A penetration test, also called a 'pen test,' is a simulated cyberattack on a computer system, network or application to identify and highlight vulnerabilities in an organization's security posture.

What are the top 10 spyware threats?

Thu, 08 May 2025 14:35:00 +0000

The top 10 spyware list describes the most common spyware threats behind famous spyware attacks and is frequently identified by leading antispyware tools from vendors like Webroot, Norton and Malwarebytes.

How to conduct ransomware awareness training for employees

Mon, 14 Apr 2025 09:00:00 +0000

As your organization's first line of defense, hold regular employee training on how to prevent, detect and respond to ransomware attacks.

Model Context Protocol fever spreads in cloud-native world

Wed, 02 Apr 2025 16:53:00 +0000

The Anthropic-led spec for AI agent tool connections gains further momentum this week, with support from cloud-native infrastructure vendors such as Kubiya and Solo.io.

What is a uniform resource identifier (URI)?

Wed, 02 Apr 2025 09:00:00 +0000

What is a hacker?

Mon, 31 Mar 2025 09:00:00 +0000

News brief: China-linked APTs and Russian access broker

Fri, 28 Mar 2025 18:07:00 +0000

What is IT automation? A complete guide for IT teams

Thu, 27 Mar 2025 09:00:00 +0000

5 fundamental strategies for REST API authentication

Mon, 17 Mar 2025 17:06:00 +0000

What is Internet Key Exchange (IKE)?

Tue, 04 Feb 2025 09:00:00 +0000

Zero-Day Breach at Rackspace Sparks Vendor Blame Game

Wed, 02 Oct 2024 17:29:25 +0000

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.

The post Zero-Day Breach at Rackspace Sparks Vendor Blame Game appeared first on SecurityWeek.

MITRE Adds Mitigations to EMB3D Threat Model

Wed, 02 Oct 2024 13:01:00 +0000

MITRE has expanded the EMB3D Threat Model with essential mitigations to help organizations address threats to embedded devices.

The post MITRE Adds Mitigations to EMB3D Threat Model appeared first on SecurityWeek.

US, Allies Release Guidance on Securing OT Environments

Wed, 02 Oct 2024 12:47:09 +0000

New guidance provides information on how to create and maintain a secure operational technology (OT) environment.

The post US, Allies Release Guidance on Securing OT Environments appeared first on SecurityWeek.

Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI

Wed, 02 Oct 2024 12:17:40 +0000

Multiple Python packages referencing dependencies containing cryptocurrency-stealing code were published to PyPI.

The post Cryptocurrency Wallets Targeted via Python Packages Uploaded to PyPI appeared first on SecurityWeek.

Harmonic Raises $17.5M to Defend Against AI Data Harvesting

Wed, 02 Oct 2024 12:00:00 +0000

Harmonic has raised a total of $26 million to develop a new approach to data protection using pre-trained, specialized language models.

The post Harmonic Raises $17.5M to Defend Against AI Data Harvesting appeared first on SecurityWeek.

Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps

Wed, 02 Oct 2024 11:27:51 +0000

Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps.

The post Record-Breaking DDoS Attack Peaked at 3.8 Tbps, 2.14 Billion Pps appeared first on SecurityWeek.

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks

Wed, 02 Oct 2024 10:37:56 +0000

Over 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai.

The post After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks appeared first on SecurityWeek.

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Wed, 02 Oct 2024 08:48:02 +0000

A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers.

The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek.

T-Mobile to Pay Millions to Settle With FCC Over Data Breaches

Tue, 01 Oct 2024 15:11:15 +0000

T-Mobile has agreed to invest $15.75 million in cybersecurity and pay $15.75 million to settle an FCC investigation into four data breaches.

The post T-Mobile to Pay Millions to Settle With FCC Over Data Breaches appeared first on SecurityWeek.

More LockBit Hackers Arrested, Unmasked as Law Enforcement Seizes Servers

Tue, 01 Oct 2024 15:06:27 +0000

Previously seized LockBit websites have been used to announce more arrests, charges and infrastructure disruptions.

The post More LockBit Hackers Arrested, Unmasked as Law Enforcement Seizes Servers appeared first on SecurityWeek.

Landmark Admin Discloses Data Breach Of Medical Info

Mon, 01 Jul 2024 15:11:55 +0000

Google Offering $250k For Full VM Escape In New KVM Bug Bounty Program

Mon, 01 Jul 2024 15:11:51 +0000

regreSSHion: Remote Unauthenticated Code Execution Vulnerability In OpenSSH Server

Mon, 01 Jul 2024 15:11:47 +0000

Juniper Issues Emergency Patches For Perfect 10 Router Vuln

Mon, 01 Jul 2024 15:11:42 +0000

Vanna AI Prompt Injection Vulnerability Enables RCE

Fri, 28 Jun 2024 16:24:40 +0000

Russian APT Reportedly Behind New TeamViewer Hack

Fri, 28 Jun 2024 16:24:36 +0000

Mac Users Served Info Stealer Malware Through Google Ads

Fri, 28 Jun 2024 16:24:32 +0000

Google Cuts Ties With Entrust In Chrome Over Trust Issues

Fri, 28 Jun 2024 16:24:28 +0000

GitLab Security Updates Patch 14 Vulnerabilities

Thu, 27 Jun 2024 14:35:19 +0000

Designed Receivable Solutions Data Breach Impacts 585,000 People

Thu, 27 Jun 2024 14:35:17 +0000

Korean Telco Allegedly Infected Its P2P Users With Malware

Thu, 27 Jun 2024 14:35:15 +0000

New MOVEit Critical Bug Sees Swift Exploitation Attempts

Thu, 27 Jun 2024 14:35:08 +0000

Feds Put $5M Bounty On CryptoQueen Ruja Ignatova

Thu, 27 Jun 2024 14:34:58 +0000

US Lawmakers Wave Red Flags Over Chinese Drone Dominance

Thu, 27 Jun 2024 14:34:52 +0000

WhisperGate Suspect Indicted As US Offers A $10 Million Bounty

Thu, 27 Jun 2024 14:34:46 +0000

Probllama: Ollama Remote Code Execution Vulnerability

Wed, 26 Jun 2024 13:34:32 +0000

Polyfill Supply Chain Attack Hits Over 100k Websites

Wed, 26 Jun 2024 13:34:30 +0000

Microsoft Blamed For Million-Plus Patient Record Theft At US Hospital Giant

Wed, 26 Jun 2024 13:34:28 +0000

P2Pinfect Worm Now Dropping Ransomware On Redis Servers

Wed, 26 Jun 2024 13:34:07 +0000

Ebay Seller Offers Stingray Device For $100,000

Wed, 26 Jun 2024 13:34:02 +0000