CISA Adds Four Vulnerabilities to Catalog for Federal Enterprise


21% of CISOs Have Been Pressured Not to Report a Compliance Issue


Over a fifth of CISOs have been pressured not to report a compliance issue, according to new research. As they take on greater responsibility in the boardroom, they also face increasing accountability for security incidents, making them more vulnerable to executive pressure when compliance risks arise. The report, published by data management platform Splunk, also found that 59% of CISOs would be willing to become a whistleblower if their company ignored compliance requirements. However, the…


Sophos Acquires Secureworks for $859 Million | TechRepublic


Sophos has completed its $859 million acquisition of managed cyber security services provider Secureworks in an all-cash transaction. It now claims to be the “leading pure-play” provider of Managed Detection and Response Services, supporting more than 28,000 global organisations. Secureworks is an Atlanta, U.S.-based cybersecurity company that focuses on threat detection, response, and managed security services. Its acquisition will build out Sophos’ security operations platform for mitigating cyber attacks. “The open and scalable platform helps…


DeepSeek Locked Down Public Database Access That Exposed Chat History


On Jan. 29, U.S.-based Wiz Research announced it responsibly disclosed a DeepSeek database previously open to the public, exposing chat logs and other sensitive information. DeepSeek locked down the database, but the discovery highlights possible risks with generative AI models, particularly international projects. DeepSeek shook up the tech industry over the last week as the Chinese company’s AI models rivaled American generative AI leaders. In particular, DeepSeek’s R1 competes with OpenAI o1 on some benchmarks….


Phishing Emails in Australia Rise by 30%


The number of phishing emails received by Australians surged by 30% last year, new research by security firm Abnormal Security has found. Cybercriminals have increasingly targeted the Asia-Pacific region, partly because it is becoming a larger player in critical industries like data centres and telecoms. For APAC as a whole, credential phishing attacks rose by 30.5% between 2023 and 2024, according to the research. New Zealand saw a 30% rise, while for Japan and Singapore,…


GhostGPT: New Chatbot for Malware Creation, Scams


Security researchers have discovered a new malicious chatbot advertised on cybercrime forums. GhostGPT generates malware, business email compromise scams, and more material for illegal activities. The chatbot likely uses a wrapper to connect to a jailbroken version of OpenAI’s ChatGPT or another large language model, the Abnormal Security experts suspect. Jailbroken chatbots have been instructed to ignore their safeguards to prove more useful to criminals. What is GhostGPT? The security researchers found…


UK Considers Banning Ransomware Payments


The U.K. government is considering banning ransomware payments to make critical industries “unattractive targets for criminals.” It would apply to all public sector bodies and critical national infrastructure, which includes NHS trusts, schools, local councils, and data centres. Currently, all government departments nationwide are banned from paying cyber criminals to decrypt their data or prevent it from being leaked. This rule intends to protect the services and infrastructure the British public relies on from financial…


Patch Tuesday: Microsoft’s January 2025 Security Update Patches Exploited Elevation of Privilege Attacks


Microsoft’s latest batch of security patches includes an expanded blacklist for certain Windows Kernel Vulnerable Drivers and fixes for several elevation of privilege vulnerabilities. The January 2025 Security Update addressed 159 vulnerabilities. Security patches should be applied to keep software up-to-date. However, early versions of patches may be unreliable and should be cautiously approached and deployed in test environments first.


What’s Next for Open Source Software Security in 2025?


Open-source software is common throughout the tech world, and tools like software composition analysis can spot dependencies and secure them. However, working with open source presents security challenges compared with proprietary software. Chris Hughes, chief security advisor at open-source software security startup Endor Labs, spoke to TechRepublic about the state of open-source software security today and where it might go in the next year. “Organizations are starting to try to get some foundational things like…
