Kubernetes Pods Are Inheriting Too Many Permissions

/in

Scalable, effective — and best of all, free — securing Kubernetes workload identity cuts cyber-risk without adding infrastructure, according to new research from SANS.

darkreading – ​Read More

Ransomware groups test new business models to hit more victims, increase profits

/in

The DragonForce and Anubis groups are attempting to entice hackers to come and work with them by adopting affiliate models that would increase the volume of incidents their services can be used in.

The Record from Recorded Future News – ​Read More

Ethical Zero Day Marketplace Desired Effect Emerges From Stealth

/in

Desired Effect provides an ethical vulnerability exchange marketplace to help defenders get ahead of attackers.

The post Ethical Zero Day Marketplace Desired Effect Emerges From Stealth appeared first on SecurityWeek.

SecurityWeek – ​Read More

Endor Labs Raises $93 Million for AppSec Platform

/in

Endor Labs has raised $93 million in a Series B funding round and announced a major expansion of its AppSec platform.

The post Endor Labs Raises $93 Million for AppSec Platform appeared first on SecurityWeek.

SecurityWeek – ​Read More

Blue Shield of California shared the private health data of millions with Google for years

/in

The health insurance giant is notifying at least 4.7 million patients of the security lapse.

Security News | TechCrunch – ​Read More

The Foundations of a Resilient Cyber Workforce

/in

In a world where insider threats, nation-state adversaries, and technological evolution create new challenges, companies must prioritize transparency, ethical leadership, and a culture rooted in trust.

darkreading – ​Read More

Microsoft just launched powerful AI ‘agents’ that could completely transform your workday — and challenge Google’s workplace dominance

/in

Credit: VentureBeat made with Midjourney

Microsoft unveils new AI reasoning agents and Copilot features to transform workplace productivity, with Chief Product Officer Aparna Chennapragada sharing exclusive insights on the company’s vision for human-agent collaboration.Read More

Security News | VentureBeat – ​Read More

Endor Labs, which builds tools to scan AI-generated code for vulnerabilities, lands $93M

/in

AI-generated code is no doubt changing how software is built, but it’s also introducing new security challenges. More than 50% of organizations encounter security issues with AI-produced code sometimes or frequently, according to a late 2023 survey by developer security platform Synk. For Endor Labs, that opportunity proved alluring enough that it chose to change […]

Security News | TechCrunch – ​Read More

Files Deleted From GitHub Repos Leak Valuable Secrets

/in

A security researcher has discovered hundreds of leaked secrets by restoring files deleted from GitHub repositories.

The post Files Deleted From GitHub Repos Leak Valuable Secrets appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cynomi cinches $37M for its AI-based ‘virtual CISO’ for SMB cybersecurity

/in

Small and medium businesses are the newest targets for cybersecurity attacks, with 1 in 3 breached last year. SMBs are becoming more proactive in detecting and stopping these threats, and today a startup called Cynomi is announcing $37 million in funding to meet that demand. Insight Partners and Entrée Capital are co-leading the round, with previous backers […]

Security News | TechCrunch – ​Read More