The Old Ways of Vendor Risk Management Are No Longer Good Enough
Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance.
For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code
Malware writing is only one of several malicious activities for which the new, uncensored generative AI chatbot can be used.
Hackers use Windows RID hijacking to create hidden admin account
A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account…
Biden’s Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect…
Risk, Reputational Scores Enjoy Mixed Success as Security Tools
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best — and better than nothing for…
6 AI-Related Security Trends to Watch in 2025
AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate…
Driving Security Forward: How Automakers Can Stay Ahead of Cyber Threats and Compliance Challenge
As technology revolutionizes the way OEMs build cars, this software-powered shift has also introduced new risks and challenges. As cars…
Ditch The Cloud Security Labels to Nail Detection and Response
Today’s cloud security categories don’t do practitioners any favors when it comes to identifying the key requirements for detection and…
How Nation-State Cybercriminals Are Targeting the Enterprise
Combating nation-state threat actors at the enterprise level requires more than just cyber readiness and investment — it calls for…
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since…