Proofpoint, which was acquired by private equity firm Thoma Bravo in 2021, has merged with Dathena, a New York-based AI data protection platform. Dathena's platform will address the need in Proofpoint's cloud management platform for safeguards against breaches and data exposure.
Researchers have identified a new wave of phishing attacks exploiting a vulnerability in the comments feature of Google Docs to deliver malicious phishing websites. It hit more than 500 inboxes across 30 tenants, with hackers using more than 100 different Gmail accounts, Avanan researchers say.
Alphabet's Google has purchased stand-alone security orchestration, automation and response vendor Siemplify for about $500 million in cash, to bolster the threat detection and response capabilities built into Google's Chronicle security analytics platform.
Microsoft's Azure App Service had a security flaw, which researchers call "NotLegit," that kept your Local Git repository publicly accessible, according to a security blog from Wiz.io. The source code of customer applications written in Java, Node, PHP, Python and Ruby was exposed for four years.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Ultimate Kronos Group, a U.S.-based multinational firm that provides workforce management and human resource management systems, says that its private cloud service has fallen victim to a ransomware attack. An executive with the company says service restoration may take "several weeks."
As enterprises move past the urgency of pandemic response, and cloud migration becomes the real new normal, how are they defining and securing their journeys? Tom Davison of Lookout shares first-hand lessons learned from practicing cloud security.
While the Capital One breach may have been
jawdropping in its sheer scale, there are best
practice lessons to be learned in its remediation
What was overlooked in the Capital One
data breach, and why it could have been
How to monitor for security events in a
Cyber attacks happen — that’s a static fact of today’s cyber-fueled world. What isn’t static is how and where these attacks happen. Opportunities for attackers abound as networks grow more complex and orgs migrate (or come to life) in the cloud. Today’s attackers can spend months hiding in an environment,...
Zero Trust is not simply a different type of security technology or architecture; it is a methodology that provides a more comprehensive, dynamic and integrated approach to security. Cloud computing and software defined approaches along with maturity and interoperability across the technology ecosystem means Zero...