ISC2’s 2024 Cybersecurity Workforce Study warns of a stagnant workforce, a growing skills gap and a shortage of 4.8 million cybersecurity professionals worldwide. Despite increasing demand, many organizations struggle to fill critical roles, hindered by budget constraints and skills shortages.
Norwest Venture Partners led a $33 million Series C round to accelerate Intezer's product development, strengthen AI models and broaden security alert coverage. The funding will enable the New York-based company to offer more support for cloud security while growing its customer success teams.
Google patched a critical remote execution vulnerability in its cloud platform Cloud Composer service, "CloudImposer," which could have allowed attackers to compromise millions of servers, say researchers from Tenable. The CloudImposer vulnerability could lead to the Jenga Tower effect.
Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.
A California security camera company agreed to pay a $2.95 million civil penalty and implement a security program after hackers in 2021 accessed video from 150,000 internet-connected security cameras, including from devices placed inside psychiatric hospitals and women's health clinics.
When developers make Amazon Machine Images public, they risk exposing sensitive data and creating vulnerabilities. Security experts Matei Josephs and Eduard Agavriloae explain how attackers can exploit these exposures, leading to unauthorized access and potential data breaches.
A new modernization guide that aims to scale and improve the Federal Risk Authorization Management Program still contains critical gaps that could allow agencies to continue purchasing software without following the program's stringent security requirements.
Microsoft blamed a widespread Azure cloud computing platform service outage, including Microsoft 365 problems, on its failure to stop a distributed denial-of-service attack after "an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it."
Ransomware hackers discovered a way to gain full administrative privileges on VMware ESXi hypervisors connected to Microsoft's Active Directory, a finding that resulted in extortion demands from cybercriminals, including Storm-0506, Storm-1175, Octo Tempest and Manatee Tempest.
The Department of Health and Human Services is facing some of the same cloud security problems as the healthcare organizations it regulates: weaknesses in a dozen different cloud security controls and inventories of cloud systems, according to an inspector general's audit report.
Orca Security CEO Gil Geron outlines the integration of AI for advanced security posture management. He emphasizes the importance of deep visibility into cloud environments, customer adoption and preventing security issues early in the development life cycle.
Aqua Security carried out its second round of layoffs since 2022 as the future prospects for stand-alone cloud security vendors look increasingly uncertain. Aqua said axing 10% of its workforce will ensure Aqua continues on a path to profitability that's aligned with current economic conditions.
Despite all the platformization buzz, there are very few vendors with market-leading capabilities in at least three disparate security technology categories. That could change if Google forges buys cloud security firm Wiz for a reported $23 billion just two years after buying Mandiant.
The theft of terabytes of Snowflake customers' data through credential stuffing hacks highlights how multifactor authentication shouldn't be optional for safeguarding accounts. Experts are calling on providers to build in more robust identity and authentication security features, at no extra cost.
The Federal Risk Authorization Management Program unveiled a new framework designed to help agencies increasingly adopt emerging technologies that maintain rigorous security standards and that can be implemented into new and existing federal systems, according to a recent blog post.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ransomware.databreachtoday.com, you agree to our use of cookies.