Topic: security posture
-
Cloudflare Balances Data Security with AI Access
Cloudflare One has been enhanced to help businesses securely integrate and manage generative AI tools while maintaining data protection and compliance standards. New features include AI Security Posture Management (AI-SPM), offering discovery of AI usage patterns, protection against unapproved AI...
Read More » -
Secure Your Data and AI Strategy for Success
AI security is now a primary business priority, with every new tool being evaluated for its security posture before its functional capabilities. Organizations struggle to balance innovation with robust security, requiring a proactive strategy that embeds security into AI projects from the start. ...
Read More » -
Mondoo Secures $17.5M to Expand Vulnerability Management Platform
Mondoo raised $17.5 million in a Series A extension, bringing total funding to over $32 million, with HV Capital leading the investment to support platform enhancements and regional expansion. The company offers an agentic vulnerability management platform that identifies, categorizes, and priori...
Read More » -
Zero Trust: Slash Cyber Risk and Insurance Claims
Businesses in Australia and Oceania are facing a sharp rise in sophisticated cyberattacks, and adopting a Zero Trust security architecture can significantly reduce both the frequency and financial impact of these incidents. Research shows that implementing Zero Trust could have prevented up to 42...
Read More » -
Salesloft Links Drift Data Theft to March GitHub Hack
A data breach at Salesloft originated from a March intrusion into its GitHub account, allowing attackers to steal authentication tokens and target major tech clients over several months. The attackers used stolen OAuth tokens to infiltrate companies like Google and Cloudflare via Salesloft's AWS ...
Read More » -
Secure Your Code with DefectDojo: Open-Source DevSecOps
DefectDojo is an open-source platform that centralizes application security management, vulnerability tracking, and DevSecOps workflows by consolidating findings from multiple sources and eliminating duplicates. It enables organizations to track vulnerabilities, manage risk acceptance procedures,...
Read More » -
Box Shield Pro: Secure AI Workflows & Protect Sensitive Data
Box has launched Box Shield Pro, an AI-enhanced security suite that builds on its existing platform to better protect enterprise data and improve threat response against risks like ransomware and accidental exposure. The new solution includes AI-driven agents for automated content classification,...
Read More » -
QuProtect R3: Unlock Full Encryption Visibility Across All Systems
QuSecure has launched QuProtect R3, a production-ready platform to simplify the transition to post-quantum cryptography for organizations, offering a streamlined path without operational disruption. The platform includes a free Reconnaissance module that quickly maps cryptographic vulnerabilities...
Read More » -
CISA Flags Spyware Zero-Day in Urgent Security Alert
US authorities issued a critical security alert for a high-risk vulnerability in Samsung mobile devices, exploited since mid-2024 to install spyware via malicious files on WhatsApp. The vulnerability, CVE-2025-21042 with a CVSS score of 9.8, enables attackers to use LandFall spyware for surveilla...
Read More » -
DefectDojo Launches Sensei: AI Cybersecurity Advisor
DefectDojo has launched Sensei, an autonomous AI cybersecurity advisor that operates independently without external AI services, eliminating vulnerabilities from third-party integrations. The cybersecurity industry is increasingly adopting AI, with many professionals using or testing AI tools to ...
Read More » -
Hackers Unleash HexStrike-AI to Exploit n-Day Flaws Faster
AI-powered tools like HexStrike-AI are being repurposed by cybercriminals to automate attacks, drastically reducing the time between vulnerability disclosure and exploitation. These attacks are targeting specific vulnerabilities in Citrix NetScaler appliances, with threat actors achieving remote ...
Read More » -
Flowmon ADS 12.5: Effortless Threat Detection Made Simple
Progress Software has launched Flowmon ADS 12.5, an AI-powered anomaly detection system designed to simplify threat identification and provide enhanced network visibility for organizations. The solution addresses challenges like alert fatigue and resource constraints, especially for midsize busin...
Read More » -
Identity: The Leading Cloud Security Threat
Identity-related weaknesses and outdated vulnerabilities are the main causes of the rise in cloud security incidents, with attackers exploiting these gaps to access sensitive systems and data. Excessive permissions and over-privileged cloud identities, affecting 99% of cases, allow attackers to m...
Read More » -
Tufin R25-2 Boosts Network & Cloud Security Automation
Tufin Orchestration Suite R25-2 enhances security by providing expanded visibility, comprehensive automation, and stronger controls across hybrid networks from a unified platform. The update introduces key advancements including improved topology accuracy, streamlined SASE policy control, and enh...
Read More » -
Federal Agency Hacked Through GeoServer Vulnerability
A federal agency suffered a cybersecurity breach in July 2024 when attackers exploited a critical, unpatched vulnerability in a public-facing GeoServer, allowing them to deploy malicious tools and establish persistence. The attackers used the same vulnerability to breach a second server, moved la...
Read More »