Moving beyond checkbox security for true resilience

In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed... Read more »

Dependency-Check: Open-source Software Composition Analysis (SCA) tool

Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When... Read more »

Protecting your iCloud data after Apple’s Advanced Data Protection removal in the UK

Advanced Data Protection (ADP) secures iCloud data with end-to-end encryption. This ensures that no one, not even Apple, can access the encrypted data, which remains secure even in the... Read more »

Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft

11 state-sponsored APTs exploit malicious .lnk files for espionage and data theft, with ZDI uncovering 1,000 such files used in attacks. At least 11 state-sponsored threat groups have been... Read more »

Google Acquires Startup Wiz for $32B to Make ‘Cybersecurity More Accessible And Simpler’

Google’s agreement to buy cloud security startup Wiz will face antitrust scrutiny amid Alphabet’s ongoing legal battles. Read more »

Largest ever cyber deal reflects Google’s CNAPP ambitions

Read more »

ChatGPT SSRF bug quickly becomes a favorite attack vector

Threat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations. Cybersecurity firm Veriti reports that threat actors are... Read more »

The rise of DAST 2.0 in 2025

Static Application Security Testing (SAST) found favor among security teams as an easy way to deploy security testing without really engaging developers. With the ability to analyze source code... Read more »

CyCognito improves security operations automation and risk visibility

CyCognito announced new capabilities designed to improve both security operations automation and risk visibility. These new features speed security operations by making assets easier to identify and attribute to... Read more »

Whistic announces next generation of Assessment Copilot

Whistic announced the next generation of its Assessment Copilot, a third-party risk management (TPRM) solution that integrates AI into the vendor assessment process for a fully automated workflow. With... Read more »
Subscribe to our Newsletter