Tag: risk
-
China Investigates NVIDIA’s H20 Chips for Surveillance Risks
NVIDIA has been called in by Chinese regulators over claims that its H20 AI chip poses security risks, putting billions in potential sales at stake. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-china-investigates-nvidia-h20-chips-backdoor-security-risks/
-
IBM Report: Shadow AI and Poor Governance Linked to Costlier Breaches in 2025
Only 34% of organizations with AI governance audit for misuse, IBM’s 2025 breach report warns. Lack of oversight is raising risks and costs. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ai-breach-risks-rise-as-governance-lags/
-
Compliance and AIOps: The Role of GRC in IT Operations
By providing a data-driven, automated, and real-time approach to Governance, Risk, and Compliance, Qmulos adds that extra layer of visibility to the overall correlation of operational events. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/compliance-and-aiops-the-role-of-grc-in-it-operations/
-
Safe Raises $70M Series C to Scale Cyber Risk Management
New Funding, Platform Expansion Aim for Predictive, Autonomous Threat Defense. Safe’s $70 million Series C will fund expanded capabilities across its cyber risk quantification, exposure management and third-party oversight tools. The company says its agentic AI vision cyber AGI will transform how enterprises manage and mitigate cyberthreats. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/safe-raises-70m-series-c-to-scale-cyber-risk-management-a-29109
-
Noma Raised $100M to Expand Agentic AI Security Platform
Red-Hot Startup Noma Security to Deepen Protection for AI Models and Agents. With agentic AI deployments accelerating, Noma Security’s $100 million Series B will fuel development of risk management and runtime protection features. CEO Niv Braun said demand for securing agentic AI has surged among Fortune 500 firms and healthcare and financial institutions. First seen…
-
Illumina Fined $9.8M for Cybersecurity Flaws in Genomic Tools Sold to U.S. Agencies
Illumina Inc., a leading genomic sequencing company, has agreed to pay $9.8 million to settle federal allegations that it knowingly sold cybersecurity-vulnerable genomic sequencing systems to government agencies while misrepresenting their security standards. The settlement resolves claims spanning over seven years of alleged violations that put sensitive genetic information at risk across multiple federal departments.…
-
KnowBe4 stellt Keith Bird als Executive Vice President of International Growth ein
Die weltweit renommierte Cybersicherheitsplattform KnowBe4, die sich umfassend mit Human-Risk-Management befasst, gibt bekannt, dass sie den erfahrenen Manager Keith Bird als Executive Vice President für den weltweiten Vertrieb eingestellt hat. Er wird für das internationale Geschäft in Europa, dem Nahen Osten, Afrika, dem asiatisch-pazifischen Raum, Japan und Lateinamerika verantwortlich sein. Bird ist ein 40-jähriger Tech-Veteran…
-
NIS2 verändert die Spielregeln ein Kabinettsbeschluss unter Druck
Noch steht das Gesetzgebungsverfahren nicht am Ende. Der Entwurf muss nun Bundestag und Bundesrat passieren. Unternehmen sollten aber bereits aktiv geworden sein. Denn wer heute beginnt, Transparenz über seine Risiken zu schaffen, First seen on infopoint-security.de Jump to article: www.infopoint-security.de/nis2-veraendert-die-spielregeln-ein-kabinettsbeschluss-unter-druck/a41582/
-
Microsoft-Sicherheitslücke in Deutschland weit verbreitet
Tags: bug, china, cyberattack, cybersecurity, germany, infrastructure, microsoft, ransomware, risk, software, update, usa, vulnerabilityDie Gefahr ist noch nicht gebannt: Experten verzeichnen weiter steigende Infektionszahlen.Deutsche Unternehmen, Behörden und Bildungseinrichtungen sind in Europa am stärksten von der schwerwiegenden Schwachstelle in der Sharepoint-Software von Microsoft betroffen. Nach einer Analyse des europäischen Cybersecurity-Unternehmens Eye Security wurden bislang weltweit 396 infizierte Server in 145 Organisationen identifiziert 42 davon betreffen demnach Unternehmen, die in…
-
40,000 WordPress websites at risk of being hijacked due to vulnerable Post SMTP plugin
Over 40,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/200-000-wordpress-websites-at-risk-of-being-hijacked-due-to-vulnerable-post-smtp-plugin
-
Summer: Why cybersecurity must be strengthened as vacations abound
Tags: access, ai, attack, authentication, automation, awareness, backup, control, corporate, credentials, cybersecurity, data, detection, email, encryption, exploit, infrastructure, malicious, mfa, monitoring, network, office, password, resilience, risk, theft, threat, tool, training, update, usa, vpn, wifiGuillermo Fernandez, Sales Engineer for Southern Europe at WatchGuard Technologies. WatchGuard Technologies.Another important point is that, during the summer, attackers know that many IT and cybersecurity teams are operating with more limited resources or with staff on vacation. “They take advantage of this to launch phishing campaigns and other targeted attacks, aware that attention and vigilance often…
-
Smart steps to keep your AI future-ready
In this Help Net Security interview, Rohan Sen, Principal, Cyber, Data, and Tech Risk, PwC US, discusses how organizations can design autonomous AI agents with strong … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/01/rohan-sen-pwc-us-ai-ecosystems-security/
-
Salt Security Unveils Salt Surface to Expose Hidden API Risks
API security company Salt Security has announced the launch of Salt Surface, a new capability integrated into its existing API Protection Platform. Salt Surface provides organisations with a comprehensive API attack surface assessment, delivering an attacker’s-eye view of their public-facing APIs to uncover specific, actionable risks before they can be exploited. Salt Surface is an…
-
Sensitive data in text embeddings is recoverable
We ran an experiment using Morris et. al’s Vec2Text model, to demonstrate the privacy risk of text embeddings with sensitive data. As we’ll show, a large percentage of sensitive data can be recovered from just their text embeddings, posing a significant privacy risk and demonstrating the need to use a tool like Tonic Textual to…
-
DORA Europäische Union präzisiert Umgang mit Lieferketten-Risiken
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/dora-eu-umgang-lieferketten-risiko
-
Gen Z Falls for Scams 2x More Than Older Generations
Forget gullible old people , Gen Z is the most at-risk age group on the Web. Older folks might want to ignore it, but employers are likely to feel the brunt. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/gen-z-scams-2x-more-older-generations
-
Seeing Your APIs Through an Attacker’s Eyes: Introducing Salt Surface
Tags: api, attack, backdoor, breach, cloud, data-breach, endpoint, firewall, Internet, monitoring, risk, tool, vulnerability, wafYour API attack surface is larger and more exposed than you realize. In today’s complex, cloud-native environment, APIs are deployed at an astonishing rate. While this rapid pace fuels innovation, it also creates a significant visibility gap. The APIs you are aware of and manage are only the tip of the iceberg. Your actual risk…
-
Ransomware up 179%, credential theft up 800%: 2025’s cyber onslaught intensifies
Exploits multiply as defenders play catch-up: Vulnerability disclosure rose by 246%, and publicly available exploits increased by 179%, with over 20000 vulnerabilities disclosed in the first half of 202535% of which already have exploit code.A backlog of 42000 vulnerabilities awaiting NVD analysis and delays in CVE enrichment leave organizations blind to many critical flaws, the…
-
What the Coinbase Breach Says About Insider Risk
The lesson from the breach is not just about what went wrong, but what could have gone right. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/coinbase-breach-insider-risk
-
Ransomware bleibt ein akutes Risiko und die Lage spitzt sich weiter zu
Ein wichtiger Hebel zur Risikominimierung liegt im menschlichen Verhalten. Viele Angriffe starten mit einem simplen Klick: über Phishing-Mails, unsichere Passwörter oder mangelnde Aufmerksamkeit. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ransomware-bleibt-ein-akutes-risiko-und-die-lage-spitzt-sich-weiter-zu/a41561/
-
Cybercriminals ‘Spooked’ After Scattered Spider Arrests
The arrest of members of the Scattered Spider cyber-attack group have temporarily halted new intrusions, however, similar threat actors continue to pose risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cybercriminals-spooked-scattered/
-
China Summons Nvidia Over Alleged Backdoor Risks in AI Chips
China’s top cybersecurity authority, the Cyberspace Administration of China (CAC), has officially summoned representatives from Nvidia to address alleged security vulnerabilities in its AI chips sold in the country. The specific focus is on Nvidia H20 chips, a custom version designed for the Chinese market amid strict U.S. export controls. First seen on thecyberexpress.com Jump…
-
Mind the overconfidence gap: CISOs and staff don’t see eye to eye on security posture
Tags: ai, attack, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, grc, group, hacker, identity, incident response, intelligence, international, least-privilege, metric, network, phishing, ransomware, risk, risk-assessment, risk-management, soc, strategy, technology, threat, tool, training, updateMisplaced priorities: Investments often favor visibility and compliance over “core capabilities like detection engineering, incident response, and threat containment,” according to Santiago Pontiroli, lead security researcher at cybersecurity vendor Acronis TRU.Delayed adaptation: AI-driven threats demand faster, smarter defenses, but key upgrades (such as behavior-based analytics or automation) are often postponed due to underestimated risk, according…
-
Researchers Exploit 0-Day Flaws in Retired Netgear Router and BitDefender Box
Cybersecurity researchers successfully exploited critical zero-day vulnerabilities in two discontinued network security devices during DistrictCon’s inaugural Junkyard competition in February, earning runner-up recognition for Most Innovative Exploitation Technique. The findings highlight the persistent security risks posed by end-of-life hardware that no longer receives security updates. The research team from Trail of Bits targeted a Netgear WGR614v9…
-
Metas Achselzucken, Ihr Risiko: Wie Facebooks Datenlecks in Silicon Valley zur neuen Normalität wurden
Es begann, wie diese Geschichten es oft tun, nicht mit einem Knall, sondern mit einem Prahlen. Vor fast zwei Monaten behauptete ein Hacker in einem dunklen Forum, 1,2 Milliarden Facebook-Nutzerdaten abgesaugt zu haben Namen, E-Mail-Adressen, Telefonnummern, Geburtstage, Standorte, die digitalen Brotkrumen echter Leben. Das Forschungsteam von Cybernews machte sich daran, die Behauptung zu überprüfen…. First…
-
Cybersecurity Trends 2025: What’s Really Coming for Your Digital Defenses
Cybersecurity trends in 2025 reveal rising AI threats, quantum risks, and supply chain attacks, pushing firms to adapt or face major data and financial losses. First seen on hackread.com Jump to article: hackread.com/cybersecurity-trends-2025-whats-your-digital-defenses/
-
Securing the Next Era: Why Agentic AI Demands a New Approach to API Security
I’ve spent my career building solutions to protect the API fabric that powers modern businesses. I founded Salt because I saw that traditional security tools such as WAFs, gateways, and CDNs weren’t designed to see or secure APIs. That gap led to breaches, blind spots, and billions in risk. Today, we’re facing a new wave…
-
Nikesh Arora: Why Palo Alto Is Making a $25B Bet on Identity
Tags: access, ai, attack, ceo, credentials, cybersecurity, identity, network, ransomware, risk, theftCyberArk Deal Adds Privileged Access Capabilities to Palo Alto Networks’ Core Stack. With a $25 billion acquisition of CyberArk, Palo Alto Networks expands its cybersecurity platform to secure human, machine and AI identities. CEO Nikesh Arora said the move is timely as 88% of ransomware attacks now stem from credential theft, and agentic AI emerges…