Sophos’ Ross McKerchar discusses leadership at scale, retaining talent, defending against AI-enabled threats, and the industry’s growing trust problem.
The post CISO Conversations: Ross McKerchar, CISO at Sophos appeared first on SecurityWeek.
Category Added in a WPeMatico Campaign
Mirax RAT Targeting Android Users in Europe
Offered as a MaaS to a small number of affiliates, mainly Russian speakers, the RAT can turn devices into residential proxy nodes.
The post Mirax RAT Targeting Android Users in Europe appeared first on SecurityWeek.
Two Vulnerabilities Patched in Ivanti Neurons for ITSM
The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions.
The post Two Vulnerabilities Patched in Ivanti Neurons for ITSM appeared first on SecurityWeek.
$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks
Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems.
The post $10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks appeared first on SecurityWeek.
Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections
Congress is set to take up the reauthorization of a divisive program that lets U.S. spy agencies pore over foreigners’ calls, texts and emails, with supporters like President Donald Trump saying it has saved lives while critics point to longstanding concerns about warrantless surveillance of Americans. A key provision of the Foreign Intelligence Surveillance Act […]
The post Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections appeared first on SecurityWeek.
Fortinet Patches Critical FortiSandbox Vulnerabilities
The flaws could allow attackers to bypass authentication or execute arbitrary code or commands via HTTP requests.
The post Fortinet Patches Critical FortiSandbox Vulnerabilities appeared first on SecurityWeek.
ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories
Siemens, Schneider Electric, Aveva, Rockwell Automation, ABB, Phoenix Contact, Mitsubishi Electric, and Moxa patched vulnerabilities.
The post ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories appeared first on SecurityWeek.
Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities
Experts say this is the second-largest Microsoft Patch Tuesday ever based on CVE count.
The post Microsoft Patches Exploited SharePoint Zero-Day and 160 Other Vulnerabilities appeared first on SecurityWeek.
Adobe Patches 55 Vulnerabilities Across 11 Products
Critical ColdFusion vulnerabilities are the most at risk of being exploited in attacks, according to the software giant.
The post Adobe Patches 55 Vulnerabilities Across 11 Products appeared first on SecurityWeek.
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats
CISOs face a shrinking window to prepare as AI models like Mythos collapse the gap between vulnerability discovery and exploitation, driving a new era of high-velocity cyberattacks.
The post ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats appeared first on SecurityWeek.