The Latest
-
RgStudio via Getty Images
Three-quarters of retail, hospitality applications have security flaws
Nearly 1 in 5 vulnerabilities in the retail and hospitality industry are considered high severity, Veracode found, creating considerable risks to the organization.
-
Leon Neal/Getty Images via Getty Images
Where will the security community turn, if not Twitter?
A consistent stream of credibility hits could cause lasting damage for cybersecurity and those who flock there.
-
Ca-ssis via Getty Images
Palo Alto Networks reports strong fiscal Q1 as security needs outpace economic fears
The security firm also agreed to buy Cider Security, boosting its software supply chain security business.
-
CloudVisual via Getty Images
Offshore oil and gas at risk of potentially catastrophic cyberattack: GAO
A report warns the industry could see an attack that rivals the deadly 2010 Deepwater Horizon disaster and urges Interior Department officials to stand up safeguards.
-
ZargonDesign via Getty Images
Tech sector execs see potential recession as a business opportunity
Technology company leaders are preparing for economic downturn by investing selectively in the workforce and new technologies, according to EY survey.
-
FG Trade via Getty Images
Cybercriminals strike understaffed organizations on weekends and holidays
Cybereason research found organizations are short-staffed on holidays and weekends, even though that's when attackers are likely to strike.
-
Rrraum via Getty Images
SMB cyber budgets under pressure amid slowing economy
The potential budget cuts during a period marked by market volatility could increase organizational risk.
-
solarseven via Getty Images
Iran-linked threat actors exploiting Log4Shell via unpatched VMware, feds warn
The actors compromised a federal civilian agency, CISA and the FBI said. Authorities warned VMware users to assume breach and hunt for threats if they skipped patches or workarounds.
-
onurdongel via Getty Images
Critical infrastructure providers ask CISA to place guardrails on reporting requirements
Top companies and industry groups fear incident reporting mandates would overwhelm CISA with noise.
-
Justin Sullivan / Staff via Getty Images
McDonald’s to launch cybersecurity apprenticeship program
The restaurant chain's initiative is among nearly 200 registered apprenticeships programs approved or under development as part of the White House's Cybersecurity Apprenticeship Sprint.
-
David Ramos/Getty Images via Getty Images
Nokia warns 5G security ‘breaches are the rule, not the exception’
A majority of 5G network operators experienced up to six cyber incidents in the past year. Defenses are especially lacking for ransomware and phishing attacks.
-
sdecoret via Getty Images
Confidential computing critical for cloud security, Google and Intel say
Confidential computing aims to isolate and encrypt data in use. The technology is young, but it could deliver significant gains for cloud security.
-
NicoElNino via Getty Images
High risk, critical vulnerabilities found in 25% of all software applications and systems
Research from Synopsys showed weak SSL/TLS configurations were the most prevalent form of vulnerability.
-
Just_Super via Getty Images
CISA wants to change how organizations prioritize vulnerabilities
Federal authorities want to take the guesswork and manual decision making processes out of the messy world of vulnerabilities.
-
Stock Photo via Getty Images
K-12 schools lack resources, funding to combat ransomware threat
One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.
-
PeopleImages via Getty Images
Why privacy professionals should work closely with company engineers
Transcend's general counsel, Brandon Wiebe, said the increasingly technical nature of data privacy regulations requires cross-functional collaboration.
-
Techa Tungateja via Getty Images
CISA warns unpatched Zimbra users to assume breach
Months after warnings to patch the Zimbra Collaboration Suite, government and private sector organizations are under attack from multiple threat actors.
-
Justin Sullivan / Staff via Getty Images
Twitter, amid security and compliance officer exodus, could run afoul of FTC rules
Regulatory attention is just the latest trouble for the embattled social media platform. Without chief security, privacy or compliance officers, following a consent decree becomes more difficult.
-
metamorworks via Getty Images
5 security musts for industrial control systems
OT involves a collection of dedicated systems and physics, and that creates distinct security requirements, said Robert M. Lee, CEO and co-founder at Dragos.
-
anyaberkut via Getty Images
Citrix CVEs need urgent security updates, CISA says
Though there's no active exploitation yet, Tenable researchers warn they expect threat actors to target the Citrix systems in the near term.
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
SolarWinds under SEC probe related to 2020 supply chain attack
The company also disclosed a proposed $26 million settlement of a class action suit related to the cyberattack.
-
Stock Photo via Getty Images
CISA’s K-12 cyber education program goes nationwide
Cyber.org Range will introduce students to cybersecurity concepts and prepare them for intermediate-level jobs in a severely understaffed industry.
-
Jeenah Moon via Getty Images
Microsoft finally releases security updates for ProxyNotShell zero days
The company linked a limited set of recent Exchange Server attacks to state-backed threat actors.
-
Courtesy of Mondelēz International
Mondelēz settlement in NotPetya case renews concerns about cyber insurance coverage
The legal dispute between the snack giant and insurer Zurich American, which lasted four years, raises further questions about how insurers cover acts of cyber war.
-
Just_Super via Getty Images
Precise ransomware strikes boost threat actors’ success rate
Threat actors are amassing specialized skills and tools from a broader group of cybercriminals to target organizations with more sophisticated tactics.
