Featured news Google expands minimum security guidelines for third-party vendors Google's updated Minimum Viable Secure Product (MVSP) program offers advice for working with researchers and warns against vendors charging extra for basic security features. Dec 08, 2023 4 mins Application Security Supply Chain news New CISO appointments 2023 Dec 08, 2023 28 mins CSO and CISO Careers Security news Top cybersecurity product news of the week Dec 07, 2023 22 mins Generative AI Security ArticlesnewsBSIMM 14 finds rapid growth in automated security technologyEmbrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing.By John P. Mello Jr. Dec 06, 2023 4 minsApplication SecurityNetwork SecuritynewsAlmost 50% of organizations plan to reduce cybersecurity headcounts: SurveyWhile organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending.By Gagandeep Kaur Dec 06, 2023 4 minsIT JobsSecurity PracticesnewsHackers book profit by scamming Booking.com customersMalicious elements are using Vidar infostealer to gain access to Booking.com’s management portal and defraud customers.By Gagandeep Kaur Dec 04, 2023 4 minsCyberattacksnewsApple patches info-stealing, zero day bugs in iPads and MacsThe vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild.By Shweta Sharma Dec 01, 2023 3 minsZero-day vulnerabilitynewsConti-linked ransomware takes in $107 million in ransoms: ReportA ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks.By Jon Gold Nov 30, 2023 4 minsRansomwarenewsOkta confirms recent hack affected all customers within the affected systemContrary to its earlier analysis, Okta has confirmed that all of its customer support system users are affected by the recent security incident.By Shweta Sharma Nov 30, 2023 3 minsData BreachnewsAmazon debuts biometric security device, updates Detective and GuardDutyAmazon’s latest security offerings, announced at its re:Invent conference, cover everything from advanced biometrics to new tools for defeating runtime and cloud threats, including identity and access management (IAM) capabilities.By Jon Gold Nov 29, 2023 3 minsBiometricsSecurity Monitoring SoftwareThreat and Vulnerability ManagementnewsAlmost all developers are using AI despite security concerns, survey suggestsAbout 96% of developers are using AI tools and nearly eight out of 10 coders are bypassing security policies to use them, while placing unfounded trust into AI’s competence and security, according to the report by Snyk.By John P. Mello Jr. Nov 29, 2023 4 minsDevelopment ToolsSecurity PracticesSupply ChainnewsFBI probes Pennsylvanian water utility hack by pro-Iran groupFederal and state investigations are underway for the recent pro-Iran hack into a Pennsylvania-based water utility targeting Israel-made equipment.By Shweta Sharma Nov 29, 2023 4 minsCyberattacksUtilities IndustrynewsAmazon’s AWS Control Tower aims to help secure your data’s bordersAs digital compliance tasks and data sovereignty rules get ever more complicated, Amazon wants automation to help.By Jon Gold Nov 28, 2023 3 minsRegulationCloud SecuritynewsNorth Korean hackers mix code from proven malware campaigns to avoid detectionThreat actors are combining RustBucket loader with KandyKorn payload to effect an evasive and persistent RAT attack.By Shweta Sharma Nov 28, 2023 3 minsMalwarenewsGE investigates alleged data breach into confidential projects: ReportGeneral Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker.By Shweta Sharma Nov 27, 2023 3 minsData Breach Show more Show less Show me morePopularArticlesPodcastsVideos news analysis LogoFAIL attack can inject malware in the firmware of many computers By Lucian Constantin Dec 08, 20238 mins MalwareMalwareCybercrime news analysis Attackers breach US government agencies through ColdFusion flaw By Lucian Constantin Dec 06, 20235 mins Advanced Persistent ThreatsAdvanced Persistent ThreatsAdvanced Persistent Threats feature 20 years of Patch Tuesday: it’s time to look outside the Windows when fixing vulnerabilities By Susan Bradley Dec 06, 20236 mins Patch Management SoftwareThreat and Vulnerability ManagementWindows Security podcast CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison Nov 20, 202315 mins CSO and CISO podcast CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University Oct 16, 202315 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape Oct 10, 202316 mins CSO and CISO video CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison Nov 20, 202315 mins CSO and CISO video AI and Cybersecurity: Speed Bumps, Training, and Communication Nov 06, 202317 mins CyberattacksGenerative AI video CSO Executive Sessions Australia with Robbie Whittome Oct 16, 202315 mins CSO and CISO