Security Bulletin

Wiz researchers gained access to credentials and other secrets using a cross-tenant exploit.

Though the number of victims has risen, the actual number of breaches has gone down, as fewer, bigger breaches affect more individuals.

An unpatched vulnerability in the way Windows handles installer files could put systems at risk of attack.

Implementing modern IAM platforms and policies will strengthen organizational cybersecurity as a whole, a collection of cybersecurity leaders said in a recent roundtable discussion.

The vulnerability was given the highest CVSS score possible, though few details have been released due to its severity.

CLUS Industrial IoT Summit top customer concerns were cybersecurity, the IT/OT workforce gap, and the urgent need to modernize networks in the age of AI.

Enterprise Security Weekly's Adrian Sanabria discusses Fortinet's recently released skills gap report with Fortinet's Rob Rashad on how breaches are impacting today's cybersecurity teams, the current state of certifications in the eyes of employers, and the opportunities for organizations to address the skills gap.

Enterprise Security Weekly's Adrian Sinabra discusses why OT has become a hot target for cyber criminals with Fortinet's Richard Springer as they discuss Fortinet's 2024 State of Operational Technology and Cybersecurity report.

Three newly discovered SMTP smuggling attack techniques can exploit misconfigurations and design decisions made by at least 50 email-hosting providers.

An official stamp of approval might give the impression that a purported "HotPage" adtech tool is not, in fact, a dangerous kernel-level malware — but that's just subterfuge.

Announcing the launch of the Coalition for Secure AI (CoSAI) to help securely build, deploy, and operate AI systems to mitigate AI-specific security risks.

CISA added three bugs to the KEV catalog in all; Cisco gives flaw on Cisco Smart Software Manager On-Prem a 10 rating.