Google has announced it will soon allow organizations to create their own curated “Enterprise Web Store” of company-sanctioned browser extensions for Chrome and ChromeOS, aimed at improving productivity, security, and management for businesses. […]
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP addresses, and credentials for managed devices. […]
Reality Defender Banks $33M to Tackle AI-Generated Deepfakes
New York startup raises $33 million in an expanded Series A round to build technology to detect deepfake and AI-generated media.
The post Reality Defender Banks $33M to Tackle AI-Generated Deepfakes appeared first on SecurityWeek.
Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. […]
Avast Releases Free Decryptor for Mallox Ransomware
Avast has released a decryptor for the Mallox ransomware after identifying a weakness in its cryptographic schema.
The post Avast Releases Free Decryptor for Mallox Ransomware appeared first on SecurityWeek.
Socket Raises $40 Million for Supply Chain Security Tech
Socket has raised $40 million in a Series B funding round to work on open source software supply chain security technology.
The post Socket Raises $40 Million for Supply Chain Security Tech appeared first on SecurityWeek.
Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large
Identity security is front, and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point.
Identity security is more than just provisioning access
The conventional view
Identity security is more than just provisioning access
The conventional view
CISA, DOJ Propose Rules for Protecting Personal Data Against Foreign Adversaries
CISA and the DOJ are seeking comment on rules whose goal is to protect the personal data of Americans against foreign adversaries.
The post CISA, DOJ Propose Rules for Protecting Personal Data Against Foreign Adversaries appeared first on SecurityWeek.
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation.
The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result
The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result
SIGA Launches OT Cybersecurity Suite for CISOs
SIGA has launched SigaML2, a solution described as a multi-layer machine learning process-oriented OT cybersecurity suite.
The post SIGA Launches OT Cybersecurity Suite for CISOs appeared first on SecurityWeek.