Security and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal.
The post Drata to Acquire SafeBase in $250 Million Deal appeared first on SecurityWeek.
Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities
Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.
The post Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities appeared first on SecurityWeek.
GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System
A new GAO report assesses that the Coast Guard needs to improve Maritime Transportation System (MTS) cybersecurity.
The post GAO Tells Coast Guard to Improve Cybersecurity of Maritime Transportation System appeared first on SecurityWeek.
Chipmaker Patch Tuesday: Intel, AMD, Nvidia Fix High-Severity Vulnerabilities
Chipmakers Intel, AMD and Nvidia on Tuesday published new security advisories to inform customers about vulnerabilities found in their products.
The post Chipmaker Patch Tuesday: Intel, AMD, Nvidia Fix High-Severity Vulnerabilities appeared first on SecurityWeek.
Cisco Says Ransomware Group’s Leak Related to Old Hack
A fresh post on the Kraken ransomware group’s leak website refers to data stolen in a 2022 cyberattack, Cisco says.
The post Cisco Says Ransomware Group’s Leak Related to Old Hack appeared first on SecurityWeek.
How to Steer AI Adoption: A CISO Guide
CISOs are finding themselves more involved in AI teams, often leading the cross-functional effort and AI strategy. But there aren’t many resources to guide them on what their role should look like or what they should bring to these meetings.
We’ve pulled together a framework for security leaders to help push AI teams and committees further in their AI adoption—providing them with the
We’ve pulled together a framework for security leaders to help push AI teams and committees further in their AI adoption—providing them with the
Google fixes flaw that could unmask YouTube users’ email addresses
Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. […]
North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack
The North Korea-linked threat actor known as Kimsuky has been observed using a new tactic that involves deceiving targets into running PowerShell as an administrator and then instructing them to paste and run malicious code provided by them.
“To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a
“To execute this tactic, the threat actor masquerades as a South Korean government official and over time builds rapport with a target before sending a
ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens
Industrial giants Schneider Electric and Siemens have released February 2025 Patch Tuesday ICS security advisories.
The post ICS Patch Tuesday: Vulnerabilities Addressed by Schneider Electric, Siemens appeared first on SecurityWeek.
Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation
Microsoft on Tuesday released fixes for 63 security flaws impacting its software products, including two vulnerabilities that it said has come under active exploitation in the wild.
Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the 23 flaws Microsoft addressed in its Chromium-based Edge
Of the 63 vulnerabilities, three are rated Critical, 57 are rated Important, one is rated Moderate, and two are rated Low in severity. This is aside from the 23 flaws Microsoft addressed in its Chromium-based Edge