Imagination is key to effective data loss prevention
Security teams have a challenging job. They must manage an ever-expanding attack surface and protect huge volumes of data from bad actors who are constantly ...

Positive trends in the application security space
ShiftLeft recently released their 2022 AppSec Progress Report, which evaluated how the changes and advancements in static application security testing (SAST)...

The threat of quantum computing to sensitive data
According to the US National Counterintelligence and Security Center, the U.S. is in a global quantum computing race, and China is winning. One emerging tech...

Cyberattacks against law enforcement are on the rise
Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 companies worldwide, has registered an increase in malicious activity targeting ...

Apple's New "Lockdown Mode" Protects iPhone, iPad, and Ma...
Apple on Wednesday announced it plans to introduce an enhanced security setting called Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura to safeguard hig...

Resecurity’s AI-powered solutions now available on Micros...
Resecurity’s AI-powered solutions provide proactive alerts and visibility of digital risks targeting the enterprise ecosystem. By joining the Microsoft Azure...

Socura launches Managed Vulnerability Scanning service to...
Socura released its new Managed Vulnerability Scanning (MVS) service. Socura’s MVS service has been designed to help clients identify potential vulnerabiliti...

LogRhythm platform enhancements accelerate threat respons...
LogRhythm launched version 7.9 of the LogRhythm SIEM Platform and updates to LogRhythm NDR and LogRhythm UEBA. “LogRhythm arms security teams with intelligen...

Kingston IronKey Locker+ 50 protects sensitive personal o...
Kingston Digital released IronKey Locker+ 50 (LP50) USB Flash drive that provides consumer-grade security with AES hardware-encryption in XTS mode to safegua...

IBM acquires Databand.ai to expand its data observability...
IBM announced it has acquired Databand.ai, a provider of data observability software that helps organizations fix issues with their data, including errors, p...

Vector Capital becomes the majority shareholder of WatchG...
WatchGuard Technologies announced that Vector Capital closed the deal to acquire interests previously owned by other co-investors. Under the new agreement, V...

Node4 acquires risual to strengthen its consulting and ma...
Node4 has announced the acquisition of risual, an IT managed services and solutions provider and Microsoft Azure Expert MSP employing 170 staff in the UK. As...

Swimlane raises $70 million to advance its platform innov...
Swimlane announced a $70 million growth funding round led by Activate Capital. Existing investors Energy Impact Partners (EIP) and 3Lines Venture Capital als...

Prevention Takes Priority Over Response
Cybersecurity teams continue to emphasize intrusion prevention over incident response, despite US government action.

Marcelo Modica joins OneTrust as CPO
OneTrust announced Marcelo Modica as the company’s first Chief People Officer. Modica brings 30 years of experience building people-centric organizatio...

BreachLock appoints Marielle Nigg-Droog as CISO
BreachLock announced the appointment of Marielle Nigg-Droog as Chief Information Security Officer (CISO). Marielle is responsible for providing cybersecurity...

ISACA unveils Risk Scenarios Starter Pack and course to h...
One of the challenges for IT risk management is to identify important and relevant risk, and one of the best ways to do that is through a well-developed risk...

Group-IB splits its domestic and international business i...
Group-IB has completed the first step in a series of actions aimed at separating its Russia and CIS business. Group-IB has just transferred its activities in...

North Korean State Actors Deploy Surgical Ransomware in O...
US government warns healthcare and public-health organizations to expect continued attacks involving the manually operated "Maui" ransomware.

Apple Debuts Spyware Protection for State-Sponsored Cyber...
Apple's new Lockdown Mode protects devices targeted by sophisticated state-sponsored mercenary spyware attacks.

I Built a Cheap 'Warshipping' Device in Just Three Hours ...
Here's how I did it and how you can protect your company against such physical/digital hybrid attacks.

Marriott Data Breach Exposes PII, Credit Cards
The hospitality giant said data from 300-400 individuals was compromised by a social-engineering scam targeting the Baltimore airport.

NIST Announces First Four Quantum-Resistant Cryptographic...
The U.S. Department of Commerce's National Institute of Standards and Technology (NIST) has chosen the first set of quantum-resistant encryption algorithms t...

How to Keep EVs From Taking Down the Electrical Grid
They may be environmentally friendly, but the surging popularity of electric cars and plug-in hybrids puts the nation's electrical grid at greater risk for m...

NIST Announces First Four Quantum-Resistant Cryptographic...
NIST’s post-quantum computing cryptography standard process is entering its final phases. It announced the first four algorithms: For general encryptio...

Cloud Misconfig Exposes 3TB of Sensitive Airport Data in ...
The unsecured server exposed more than 1.5 million files, including airport worker ID photos and other PII, highlighting the ongoing cloud-security challenge...

Identity Access Management Is Set for Exploding Growth, B...
New research says IAM spending will grow on the back of affordable subscription services, spurred by cloud and mobile adoption, IoT, and continued remote wor...

The Cyber-Asset Management Playbook for Supply Chain Mode...
Organizations must balance the risk and reward of new cyber-asset management technologies.

OpenSSL Releases Patch for High-Severity Bug that Could L...
The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remot...

HackerOne Employee Caught Stealing Vulnerability Reports ...
Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports subm...

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks...
Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detecti...

Roundtable: Amid Cyberattack Frenzy, How Can QNAP Custome...
Our roundtable of cybersecurity experts weighs in on what makes QNAP network-attached storage catnip for attackers, and what organizations can do about it.

Bitter APT Hackers Continue to Target Bangladesh Military...
Military entities located in Bangladesh continue to be at the receiving end of sustained cyberattacks by an advanced persistent threat tracked as Bitter. "Th...

The End of False Positives for Web and API Security Scann...
July may positively disrupt and adrenalize the old-fashioned Dynamic Application Security Scanning (DAST) market, despite the coming holiday season. The path...

The Future of Attack Surface Management: How to Prepare
Upwards of 70% of organizations have been compromised because of an unknown, unmanaged, or mismanaged visible asset. Improving your Attack Surface Management...

Human Error Blamed for Leak of 1 Billion Records of Chine...
A developer appears to have divulged credentials to a police database on a popular developer forum, leading to a breach and subsequent bid to sell 23 terabyt...

Dynamic analysis of firmware components in IoT devices
We decided to discuss less obvious tools for working with firmware, including Renode and Qiling. Each of those tools has its own features, advantages, and li...

8 common Facebook Marketplace scams and how to avoid them
Here’s what to watch out for when buying or selling stuff on the online marketplace and how to tell if you’re being scammed The post 8 common Facebook Market...

CISA and NPower offer free entry-level cybersecurity trai...
NPower, a US-based non-profit participating in a cybersecurity workforce development program started by the Cybersecurity and Infrastructure Agency (CISA), i...

NIST selects 4 quantum-resistant encryption algorithms
The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has chosen the first group of quantum-resistant encryption tools, des...

Hive Ransomware Upgrades to Rust for More Sophisticated E...
The operators of the Hive ransomware-as-a-service (RaaS) scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more soph...

Researchers Share Techniques to Uncover Anonymized Ransom...
Cybersecurity researchers have detailed the various measures ransomware actors have taken to obscure their true identity online as well as the hosting locati...

Researchers Uncover Malicious NPM Packages Stealing Data ...
A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered...

How a cyber asset management strategy can help enterprise...
Whether it’s through stolen credentials, phishing attacks, or simply user errors, people continue to pose the greatest risk to cybersecurity. While behaviora...

Why your API gateway is not enough for API security?
The emergence of cloud computing architectures has caused enterprises to rethink the way applications are scaled. Impetuses were put on companies to get away...