Jana Partners has raised its stake in cybersecurity vendor Rapid7 to 13% and is pushing for the company to consider selling itself. The activist investor teamed up with Cannae Holdings and is engaged in discussions with Rapid7's management to explore operational improvements and board restructuring.
Google says switching to a memory-safe language such as Rust under its Safe Coding program has helped significantly reduce the number of vulnerabilities in Android systems. The number of vulnerabilities uncovered in Android devices has fallen from over 200 in 2019 to fewer than 50 by 2024.
Organizations face growing challenges from cyber incidents. Former CISOs Heather Lowrie and Jon Staniforth share insights on enhancing preparedness through cyber exercises, proactively communicating with law enforcement and ensuring consistent messaging during incidents.
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.
Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspectives from CEOs, CISOs and government officials on the latest trends in cybersecurity and AI.
Absolute Security has strengthened its platform with the acquisition of Syxsense, adding powerful automated vulnerability management tools to its existing endpoint security capabilities. The move aims to improve security compliance and simplify complex remediation tasks for organizations.
Federal authorities are alerting healthcare entities of vulnerabilities - including older flaws - that put Apache Tomcat at risk for attacks if left unmitigated. The open-source web server is heavily used in healthcare for hosting electronic health record and other systems and applications.
HackerOne has tapped F5's longtime product leader as its next chief executive to continue expanding its portfolio beyond operating vulnerability disclosure programs. The firm tasked Kara Sprague with building on existing growth in areas including AI red teaming and penetration testing as a service.
Cobalt tapped a longtime cybersecurity product leader as its next chief executive as the company expands its footprint from penetration testing to offensive security. The vendor tasked Sonali Shah with further expanding Cobalt's platform, which now includes dynamic application security testing.
Many cybersecurity organizations hope generative artificial intelligence and large language models will help them secure the enterprise and comply with the latest regulations. But to date, commercial LLMs have big problems - hallucinations and a lack of timely data, said NYU professor Brennan Lodge.
Cato Networks Chief Security Strategist Etay Maor discusses the importance of virtual patching for defending against vulnerabilities such as Log4j, why certain enterprises struggle to patch these flaws and how visibility challenges lead to overlooked risks in critical systems.
CrowdStrike is in talks to acquire Houston-based patch management and vulnerability remediation startup Action1 for close to $1 billion, co-founder and CEO Alex Vovk told employees in an email Wednesday. This would be the largest acquisition in the endpoint security vendor's history.
CEO Yevgeny Dibrov discusses the acquisition of Silk Security and CTCI to enhance the company’s cyber risk prioritization and threat hunting capabilities. He explains why these acquisitions are crucial for addressing customer challenges and expanding Armis’ cybersecurity platform.
Software used to manage a fifth of the world's solar electricity contained flaws enabling full access to attackers, risking grid overloads and blackouts. Solar power accounts for a sliver of overall U.S. electricity generation but will make up half of domestic electricity generation by 2050.
A vulnerability in Rockwell Automation's ControlLogix 1756 devices allows attackers to bypass a critical security feature, turning the trusted slot mechanism into a hacker's secret passageway to jump between slots and gain access to industrial control systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.