#security-reorg

[ follow ]
#cybersecurity #ai #data-breach #vulnerabilities #security #ai-security #ransomware #data-protection #anthropic
Privacy professionals
fromSecurityWeek
8 hours ago

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.
Information security
fromTechRepublic
1 day ago

Why Operationalizing AI Security Is the Next Great Enterprise Hurdle

Security operations lag behind rapid tech advancements, leading to inefficiencies and risks in managing numerous security tools.
#cybersecurity
EU data protection
fromTechCrunch
6 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
Cryptocurrency
fromnews.bitcoin.com
3 hours ago

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.
Healthcare
fromSecuritymagazine
2 days ago

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.
Healthcare
fromBoston.com
2 days ago

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.
EU data protection
fromSecurityWeek
5 days ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.
EU data protection
fromTechCrunch
6 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
more#cybersecurity
Social media marketing
fromHer Campus
1 hour ago

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.
DevOps
fromFortune
9 hours ago

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.
Apple
fromTheregister
6 hours ago

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.
#data-breach
Privacy professionals
fromTheregister
9 hours ago

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.
Privacy professionals
fromTechCrunch
1 day ago

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.
Privacy professionals
fromSilicon Canals
6 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Information security
fromTheregister
1 week ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromTheregister
9 hours ago

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.
Privacy professionals
fromTechCrunch
1 day ago

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.
Privacy professionals
fromSilicon Canals
6 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Information security
fromTheregister
1 week ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
SF politics
fromWIRED
9 hours ago

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Federal campaign spending on security for the 2024 election cycle exceeds five times that of the 2016 election due to rising threats against public servants.
fromFortune
3 hours ago

'This utter lack of communication and consultation flies in the face of federal law': states push against immigration detention plans | Fortune

ICE purchased a 418,000-square-foot warehouse in Surprise, Arizona, for $70 million, with plans for a processing site capable of handling 1,000 to 1,500 immigrants daily.
US politics
#ai-security
Software development
fromInfoWorld
1 day ago

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.
fromZDNET
1 month ago
Miscellaneous

Rolling out AI? 5 security tactics your business can't get wrong - and why

Information security
fromInfoWorld
6 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
Software development
fromInfoWorld
1 day ago

Microsoft's new Agent Governance Toolkit targets top OWASP risks for AI agents

Microsoft introduced the Agent Governance Toolkit to enhance AI agent security and mitigate OWASP's top 10 agentic AI threats.
fromZDNET
1 month ago
Miscellaneous

Rolling out AI? 5 security tactics your business can't get wrong - and why

Information security
fromInfoWorld
6 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
more#ai-security
Privacy technologies
fromArs Technica
1 day ago

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.
World news
fromTheregister
1 day ago

Microsoft hints at bit bunkers for war zones

Microsoft is redesigning datacenters in conflict-prone regions due to Iranian attacks targeting Middle Eastern facilities linked to US military operations.
Business
fromFast Company
1 day ago

This is the biggest risk a company can take in the age of AI

Organizations that continue transformation during uncertainty outperform those that slow down, treating turbulence as an opportunity for growth.
Non-profit organizations
fromNextgov.com
3 days ago

The war against fraud should be a war for tech modernization

A new task force aims to combat fraud in public benefits programs by ensuring adequate anti-fraud controls and addressing data sharing challenges.
Information security
fromSecuritymagazine
1 day ago

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.
#ai
Artificial intelligence
fromwww.businessinsider.com
1 day ago

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.
Information security
fromNextgov.com
22 hours ago

Anthropic's Glasswing initiative raises questions for US cyber operations

Anthropic is prioritizing cybersecurity by withholding a powerful AI model and launching Project Glasswing to enhance defenses against AI-driven attacks.
Information security
fromFortune
2 days ago

Anthropic is giving some firms access to Claude Mythos to bolster cybersecurity defenses | Fortune

Anthropic is providing access to its advanced AI model, Claude Mythos, to enhance cybersecurity defenses among major tech firms.
Artificial intelligence
fromwww.businessinsider.com
1 day ago

Why Anthropic's new AI model has some cybersecurity pros worried about its hacking abilities

Anthropic's Claude Mythos Preview is withheld from public release due to concerns over its potential to exploit software vulnerabilities autonomously.
Information security
fromwww.theguardian.com
1 day ago

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.
Information security
fromNextgov.com
22 hours ago

Anthropic's Glasswing initiative raises questions for US cyber operations

Anthropic is prioritizing cybersecurity by withholding a powerful AI model and launching Project Glasswing to enhance defenses against AI-driven attacks.
Information security
fromFortune
2 days ago

Anthropic is giving some firms access to Claude Mythos to bolster cybersecurity defenses | Fortune

Anthropic is providing access to its advanced AI model, Claude Mythos, to enhance cybersecurity defenses among major tech firms.
more#ai
DevOps
fromDevOps.com
2 days ago

Why Most DevSecOps Pipelines Fail at Runtime Security (not Build Time) - DevOps.com

Runtime risk arises from configuration and infrastructure changes post-deployment, necessitating DevSecOps to enhance security earlier in the delivery process.
#cisa
SF politics
fromNextgov.com
2 days ago

Trump proposes cutting CISA election security program in FY27 budget

The Trump administration plans to cut $700 million from CISA, significantly impacting election security and infrastructure protection programs.
SF politics
fromNextgov.com
2 days ago

Trump proposes cutting CISA election security program in FY27 budget

The Trump administration plans to cut $700 million from CISA, significantly impacting election security and infrastructure protection programs.
more#cisa
Women in technology
fromInfoQ
1 week ago

Security and Architecture: To Betray One Is To Destroy Both

Architecture and security have evolved from separate entities to a deeply connected partnership focused on resilience and protection against threats.
Podcast
fromSecuritymagazine
2 weeks ago

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.
Artificial intelligence
from24/7 Wall St.
3 hours ago

The Real Reason Cloudflare Is Down 11% Today Has Nothing to Do With Insider Selling

Insider selling at Cloudflare is routine and does not indicate trouble; the real concern is competition from Anthropic's new AI offerings.
US politics
fromArs Technica
4 days ago

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.
Information security
fromThe Hacker News
2 days ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
#identity-management
fromThe Hacker News
1 day ago
Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.
Information security
fromThe Hacker News
2 days ago

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.
Information security
fromThe Hacker News
1 day ago

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.
Information security
fromThe Hacker News
2 days ago

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.
more#identity-management
DevOps
fromInfoQ
2 weeks ago

Panel: Security Against Modern Threats

Modern threats to software supply chains require resilience by design, integrating security into engineering workflows and empowering developers with the right tools.
#ai-cybersecurity
Information security
fromSecurityWeek
2 days ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
Information security
fromZDNET
2 weeks ago

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.
fromZDNET
1 month ago
Information security

The biggest AI threats come from within - 12 ways to defend your organization

Information security
fromSecurityWeek
2 days ago

The New Rules of Engagement: Matching Agentic Attack Speed

AI-enabled cyberattacks are currently occurring, with significant impacts on organizations and a widening gap between attackers and defenders.
Information security
fromZDNET
2 weeks ago

1 in 2 security leaders say they're not ready for AI attacks - 4 actions to take now

AI-powered cybercrime is a significant and growing threat to businesses, with many feeling unprotected.
fromZDNET
1 month ago
Information security

The biggest AI threats come from within - 12 ways to defend your organization

more#ai-cybersecurity
Privacy professionals
fromWIRED
1 day ago

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.
Information security
fromSecurityWeek
7 hours ago

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.
Information security
fromThe Hacker News
5 hours ago

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.
fromSecuritymagazine
6 days ago

World Cloud Security Day: Breaking Down the State of the Cloud Cybersecurity and Physical Security

"World Cloud Security Day is a useful reminder to recognize how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations," says James Maude, Field CTO at BeyondTrust.
Information security
Privacy professionals
fromMedCity News
3 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
fromSecuritymagazine
2 months ago

The New Battleground of Cybersecurity

I've always had what I would consider a hacker mindset, a curiosity to take things apart, understand them, and use that knowledge to solve problems. That mindset took me on a circuitous route into the cybersecurity industry; after being kicked out of high school for hacking computer systems, I worked a range of jobs, managing office supply companies by day and cracking Wi-Fi networks by night until I started a Digital Forensics degree which led me to the world of security research.
Science
Mental health
fromSecuritymagazine
1 month ago

Security Insights Delivered Through Podcasts

Security professionals face significant mental-health risks and team burnout, requiring leaders to integrate empathetic practices and psychological safety into security operations.
Information security
fromThe Hacker News
3 days ago

Multi-OS Cyberattacks: How SOCs Close a Critical Risk in 3 Steps

Multi-OS attacks complicate SOC operations, leading to delays, fragmented evidence, and increased escalation volume, ultimately allowing attackers more time to operate.
fromSilicon Canals
2 days ago

When militaries share data centers with banks: how Gulf strikes exposed a structural flaw in global cloud infrastructure - Silicon Canals

When civilian banks, logistics platforms, and payment processors share physical data center infrastructure with military AI systems, those facilities become legitimate military targets under international humanitarian law - and the civilian services housed inside lose their legal protection.
Information security
fromDevOps.com
3 days ago

Is Your AI Agent Secure? The DevOps Case for Adversarial QA Testing - DevOps.com

The most dangerous assumption in quality engineering right now is that you can validate an autonomous testing agent the same way you validated a deterministic application. When your systems can reason, adapt, and make decisions on their own, that linear validation model collapses.
Information security
Information security
fromSecurityWeek
6 days ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
fromComputerworld
6 days ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
Information security
fromSecurityWeek
1 week ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
Information security
fromComputerWeekly.com
3 weeks ago

Beyond integration theatre: Building stronger cyber platforms | Computer Weekly

Integration layers between security platforms, not the platforms themselves, have become the primary enterprise security risk requiring rigorous governance of delegated trust.
Information security
fromThe Hacker News
3 weeks ago

Why Security Validation Is Becoming Agentic

Security validation tools operate in silos while attackers exploit interconnected systems, creating a structural blind spot that Agentic Exposure Validation can address through continuous, autonomous, context-aware assessment.
Information security
fromComputerWeekly.com
3 weeks ago

How CISOs can build a truly unified and resilient security platform | Computer Weekly

Modern enterprise security requires rethinking architecture from perimeter defense to distributed asset protection across decentralized networks and cloud environments.
Information security
fromComputerWeekly.com
4 weeks ago

Vulnerability reports: Increase in quantity, decrease in quality? | Computer Weekly

Bug bounty programs face sustainability challenges due to increased low-quality submissions, prompting cURL founder Daniel Stenberg to shut down his HackerOne program and switch to GitHub for vulnerability reporting.
Information security
fromSecuritymagazine
1 month ago

The Great Security Culture Shift: Building a Proactive Defense in an Era of Advanced Threats and Social Engineering

Hackers exploit DLL side-loading on trusted platforms like LinkedIn to deliver malware through seemingly legitimate file attachments, bypassing traditional security defenses and compromising entire corporate networks.
Information security
fromwww.housingwire.com
2 months ago

Reducing risk: The importance of administrative access responsibilities

Clearly defined and strictly managed administrative access reduces cybersecurity risk while preserving operational efficiency in real estate, title insurance, and mortgage systems.
Information security
fromSecuritymagazine
1 month ago

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.
Information security
fromBusiness Matters
1 month ago

Security Convergence and The Human Error

Human error causes the majority of data breaches, driven by skill- and decision-based mistakes, employee negligence, and basic security vulnerabilities like weak passwords.
Information security
fromEntrepreneur
2 months ago

How to Keep Your Company's Data Out of the Wrong Hands

Data security requires keeping sensitive data local, restricting access strictly, and holding vendors to higher standards to prevent breaches, leaks, and legal exposure.
Information security
fromTechzine Global
2 months ago

From vulnerability whack-a-mole to strategic risk operations

Shift security from counting vulnerabilities to strategic risk operations that prioritize exposure, value at risk, and measurable business outcomes.
[ Load more ]