The number of internet-exposed Palo Alto Networks firewalls has been dropping, but roughly 2,000 devices have already been compromised, according to the Shadowserver Foundation. Palo Alto Networks learned about a potential PAN-OS zero-day in early November and confirmed in-the-wild exploitation of a new vulnerability on November 15. On November 18, the security firm announced the […]
Hotshot cloud security vendor Wiz on Thursday announced a deal to acquire Dazz, adding an AI-powered cloud security remediation engine to its suite of enterprise products. Financial terms of the deal were not released but industry sources confirm the price tag is in the range of $450 million. Dazz, based in Israel, raised about $110 […]
Microsoft used the spotlight of its Ignite conference this week to introduce a new Quick Machine Recovery tool to help organizations remotely rebuild computer systems after major crises like the CrowdStrike outage earlier this year. The software maker said the feature will enable IT administrators to execute “targeted fixes” from Windows Update, even when machines […]
The owner of the RSA Conference wants to buy a slice of every cybersecurity startup that makes it to the final of its annual Innovation Sandbox event. The conference, which is owned by Crosspoint Capital Partners, on Thursday announced it will make a $5 million investment a prerequisite for each of the 10 finalists at […]
The MITRE Corporation has updated its Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list, which reflects the latest trends in the cyber threat landscape. The list provides information on the most common and impactful weaknesses that threat actors exploit in attacks to take over systems, steal sensitive information, and cause disruptions. Cross-site […]
Worldwide there are more than 145,000 internet-exposed industrial control systems (ICS), according to internet intelligence platform provider Censys. The company’s latest ‘State of the Internet’ report also reveals that the devices are spread out across 175 countries, with 38% of them located in North America, 35% in Europe and 22% in Asia. In the United […]
Mexico’s president said Wednesday that the government is investigating an alleged ransomware hack of her administration’s legal affairs office after what appeared to be samples of personal information from a database of government employees were posted online. The website Cybernews said a group called Ransomhub had posted a sample of apparently hacked government files on […]
UK fintech giant Finastra is investigating a data breach after a hacker offered for sale on an underground forum data allegedly stolen from the company. Roughly two weeks ago, the financial software firm notified its customers of suspicious activity on an internal file-transfer application used to exchange data with certain customers. “We immediately launched an […]
The US Department of Justice on Wednesday announced charges against five individuals for their alleged roles in phishing attacks resulting in credential, data, and cryptocurrency theft. According to the indictment, from at least September 2021 to April 2023, the suspects sent phishing text messages to employees at numerous companies, posing as the employing organization or […]
If 2023 and 2024 were the years of exploration, hype and excitement around AI, 2025 (and 2026) will be the year(s) that organizations start to focus on specific use cases for the most productive implementations of AI and, more importantly, to understand how to implement guardrails and governance so that it is viewed as less […]