Skybox Security has landed former Digital Guardian CEO Mo Rosen to pursue profitability and drive adoption of the security policy and vulnerability management vendor's SaaS platform. The San Jose, California-based company tasked Rosen with making Skybox's SaaS tool easier to deploy and use.
A massive automated ransomware campaign is targeting VMware ESXi hypervisors worldwide, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France. VMware is advising customers to patch affected servers and scan for malware.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Tenable has debuted a $25 million corporate investment program to support prevention-focused startups focused on technologies such as cloud, OT and identity. The Baltimore-area exposure management vendor says Tenable Ventures plans to scour Israel and the United States for startups.
Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey. BitSight has invested in both workflows around third-party risk and research and identification of CVEs on behalf of government agencies.
The IntSights deal has allowed Rapid7 to offer more visibility into the threat landscape and target the phishing infrastructure used by hackers. The deal has helped Rapid7 determine the spoofed domains and the employees and social media accounts that adversaries have targeted, CEO Corey Thomas says.
Hack The Box has completed a Series B funding round to add more cloud security and a gamification approach to its cybersecurity training platform. The Kent, England-based startup was founded in 2017 to provide pen testers and red teamers with a way to test their offensive security skills.
Managed security services player Cerberus Sentinel plans to capitalize on cloud migration and strict privacy regulations in South America through its proposed purchase of RAN Security. The deal will bolster Cerberus Sentinel's penetration testing, gap analysis and infrastructure management services.
Rising offensive security star NetSPI has bought boutique penetration testing firm nVisium to help customers assess their cloud defenses. NetSPI says nVisium's deep understanding of specific cloud platforms will come in handy since Azure penetration testing differs from AWS pen testing.
See how simple and effective security controls can create a framework that helps you protect your organization and data from known cyber attack vectors.
This publication was designed to assist executives by providing guidance for implementing broad baseline technical controls that are required to ensure a robust...
Determining which asset vulnerabilities should be prioritized for remediation is one of the biggest challenges for virtually every CISO and CSO, says Armis co-founder and CEO Yevgeny Dibrov. Dibrov says CVE and CVSS scores aren't an effective way to prioritize which vulnerabilities to fix first.
You may know that building a penetration testing team or hiring pen testing services can help uncover security gaps putting your organization at risk, but getting started is sometimes difficult. What makes a good security tester? Is there a way to differentiate true security pros from the inexperienced and...
Apple has issued a slew of security updates amid reports that its iOS devices are being actively exploited via a zero-day vulnerability in the kernel. While Apple hasn't attributed the exploits to any specific group, experts say surveillance malware developers are a likely culprit.
With attackers using increasingly sophisticated methods to attack your infrastructure, strictly manual methods of locating and inspecting assets on your network, clouds, and endpoints are no longer enough.
But what should your enterprise consider as essential when evaluating Vulnerability Management (VM) solutions?...
With attackers using increasingly sophisticated ways to break into systems, manual methods of locating and inspective devices on your network are no longer enough. The right Vulnerability Management solution can monitor your environment, enabling you to:
Discover devices running in your network