County pays $600,000 to pentesters it arrested for assessing courthouse security
Two security professionals who were arrested in 2019 after performing an authorized security assessment of a county courthouse in Iowa will receive $600,000 to settle…
Latest Cybersecurity News — Page 148
View all →
Fall 2025 SOC 1, 2, and 3 reports are now available with 185 services in scope
Amazon Web Services (AWS) is pleased to announce that the Fall 2025 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The…
Fuzzing a single thread to uncover vulnerabilities
A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to a…
2026 Cloud security and AI security risk report
AI adoption is outpacing traditional cyber governance. The “Tenable Cloud and AI Security Risk Report 2026” reveals how overprivileged identities and unmonitored supply chain dependencies…
Shadow Repeater:AI-enhanced manual testing | PortSwigger Research
Have you ever wondered how many vulnerabilities you’ve missed by a hair’s breadth, due to a single flawed choice? We’ve just released Shadow Repeater, which…
The 3 Steps CISOs Must Follow
Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with…
Out of sight, out of mind with Windows Long File Names
I. INTRODUCTION One of the very important issues that red teamers and pentester always have to consider is how to keep their payloads low profile.…
LeakBase marketplace unplugged by cops in 14 countries
The LeakBase cyberforum, considered one of the world’s largest online marketplaces for cybercriminals to buy and sell stolen data and cybercrime tools, has been seized…
Web portal leaves kids’ chats with AI toy open to anyone with Gmail account
Earlier this month, Joseph Thacker’s neighbor mentioned to him that she’d preordered a couple of stuffed dinosaur toys for her children. She’d chosen the toys,…
AWS achieves 2025 C5 Type 2 attestation report with 183 services in scope
Amazon Web Services (AWS) is pleased to announce a successful completion of the 2025 Cloud Computing Compliance Criteria Catalogue (C5) attestation cycle with 183 services…
Beyond Hamas: Militant and Terrorist Groups Involved in the October 7 Attack on Israel
October 7: Hamas attacks Israel In the midst of the Israel-Hamas War, which erupted with a surprising and devastating attack on October 7, 2023 that…
Hunting for malicious OpenClaw AI in the modern enterprise
When shadow IT is discussed, it’s usually in the context of unauthorized SaaS apps or stray cloud buckets. But there’s a new, faster-moving frontier emerging…