ITPro, Monday, October 6th, 2025
Enterprise Browsers: The New Standard For Security?
The market for enterprise browsers is growing fast - but are their features and security controls enough to compete with free applications?
more →
Back Issues This Week → Popular →
All issues › Archive
Security — Archive
2,322 articles · page 9 of 47
InfoQ, Monday, October 6th, 2025
Java News Roundup: JDK 26 Release Schedule, GlassFish, Spring AI, Helidon, Mandrel 25, Seed4j
This week's Java roundup for September 29th, 2025, features news highlighting: JEP 527, Post-Quantum Hybrid Key Exchange for TLS 1.3; the proposed JDK 26 release schedule; the release of Mandrel 25 and Seed4j; milestone releases of GlassFish 8.0 and 7.1; the beta release of WildFly 38; and point releases of Spring AI, Helidon, Micronaut, LangChain4j, Gatherers4j and Keycloak.
more →
Blocks & Files, Monday, October 6th, 2025
Why We Need A Cybersecurity Validation Standard
Any organization that has not been hit by ransomware thinks, by default, that its defenses are good.
more →
Dark Reading:, Thursday, October 2nd, 2025
Phishing Is Moving From Email To Mobile. Is Your Security
With SMS, voice, and QR-code phishing incidents on the rise, it's time to take a closer look at securing the mobile user.
more →
Cyber Defense Magazine, Thursday, October 2nd, 2025
Rethinking NHI Security: The Essential Shift to Zero Trust Security and Ephemeral Identities
As identity security becomes increasingly critical in cybersecurity, the focus has shifted from safeguarding human identities to protecting Non-Human Identities (NHIs)-such as API keys, service accounts, secrets, tokens, and certificates.
more →
SC Media, Wednesday, October 1st, 2025
Cybersecurity Awareness Month: Double-Down On The Security Basics
In a world dominated by generative artificial intelligence (GenAI), automation, and advanced security platforms, many security pros might expect Cybersecurity Awareness Month (CAM) to spotlight modern security strategies such as threat intelligence feeds, AI‑powered malware detection, and zero‑trust architectures.
more →
CSO Online, Wednesday, October 1st, 2025
CISA 2015 Cyber Threat Info-Sharing Law Lapses Amid Government Shutdown
The expiration of a landmark cybersecurity law strips liability protections for cyber threat information sharing, leaving US cyber defenses weaker until lawmakers act.
more →
Security Boulevard, Wednesday, October 1st, 2025
What Is Identity And Access Management (IAM)?
Understanding Identity and Access Management (IAM)
more →
ET Insights, Wednesday, October 1st, 2025
Cybersecurity In The Age Of Remote Contact Centers: Risks And Remedies
When the pandemic accelerated the shift to remote and hybrid contact centers, it wasn't simply a matter of moving headsets from office floors to home offices.
more →
Dark Reading:, Tuesday, September 30th, 2025
AI-Powered Voice Cloning Raises Vishing Risks
A researcher-developed framework could enable attackers to conduct real-time conversations using simulated audio to compromise organizations and extract sensitive information.
more → Cyber Defense Magazine, Monday, September 29th, 2025
Inside The Mind Of A Threat Actor: What Cisos Must Learn Before The Next Breach
Cybersecurity isn't a game of defense-it's a game of anticipation. Yet too many CISOs and security leaders still think in terms of controls, compliance, and detection thresholds.
more → Help Net Security, Friday, September 26th, 2025
Inside The Economy Built On Stolen Credentials
Instead of going after software flaws or network weaknesses, attackers are targeting something much easier to steal: identity credentials. A new report from BeyondID calls this growing black market the identity economy, where usernames, passwords, tokens, and access rights are bought and sold much like items on a regular online marketplace.
more →
Help Net Security, Friday, September 26th, 2025
Ransomware Groups Are Multiplying, Raising The Stakes For Defenders
Ransomware activity is climbing again, with a steep increase in the number of victims and the number of groups launching attacks. A new mid-year report from Searchlight Cyber shows how quickly the threat landscape is shifting and why CISOs need to keep adjusting their defenses.
more → Help Net Security, Thursday, September 25th, 2025
Predicting DDoS Attacks: How Deep Learning Could Give Defenders An Early Warning
Distributed denial-of-service (DDoS) attacks remain one of the most common and disruptive forms of cybercrime. Defenders have traditionally focused on detecting these attacks once they are underway.
more → Cyber Defense Magazine, Thursday, September 25th, 2025
The Threat Of Privilege Abuse In Active Directory
In early 2024, the BlackCat ransomware attack against Change Healthcare caused massive disruption across the U.S. healthcare sector. It later emerged that the cause of this major national incident was traced back to compromised credentials used to remotely access a Change Healthcare Citrix portal. Access to the portal wasn't secured with multi-factor authentication (MFA).
more → Search Security, Wednesday, September 24th, 2025
7 API Discovery Best Practices For Complete Visibility
Secure your API landscape with these API discovery best practices spanning the entire SDLC. Find hidden endpoints, audit integrations and monitor continuously.
more →
Help Net Security, Wednesday, September 24th, 2025
APIs And Hardware Are Under Attack, And The Numbers Don't Look Good
Attackers have a new favorite playground, and it's not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady.
more → SecurityBrief, Wednesday, September 24th, 2025
AI & Quantum Threats Redefine Priorities For Cybersecurity Month
As Cybersecurity Awareness Month approaches its 22nd year in October, the perennial theme of "Secure Our World" resonates more urgently than ever.
more →
Security Boulevard, Wednesday, September 24th, 2025
Why Sase Vendors Are Finally Admitting The Need For Browser Security Solutions
In early September, Palo Alto Networks publicly acknowledged that Secure Web Gateways (SWGs) are architecturally unable to defend against Last Mile Reassembly attacks.
more → Help Net Security, Tuesday, September 23rd, 2025
Gartner: Preemptive Cybersecurity To Dominate 50% Of Security Spend By 203
By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to Gartner.
more → Security Boulevard, Tuesday, September 23rd, 2025
Passwordless Authentication Options Available
Okay, so here's the thing about passwords: we all hate 'em, right? It's like, are they even doing anything anymore?
more → Search Security, Monday, September 22nd, 2025
8 Best Practices For Securing Restful API
The REST architectural style helps applications communicate with each other. Be sure RESTful APIs have the protections necessary to keep attackers at bay.
more → techradar.pro, Monday, September 22nd, 2025
How AI Augmentation Is Revolutionizing Penetration Testing In Cybersecurity
From deepfake fraud to API exploits and logic flaws, fintechs are facing a new wave of AI-driven cyber threats
more →
DARKREADING, Monday, September 22nd, 2025
Zero Trust: Strengths And Limitations In The AI Attack Era
Zero Trust could help organizations fight back against attackers who use artificial intelligence, but new threats will require the architecture to evolve.
more → computerweekly.com, Monday, September 22nd, 2025
Balancing It Security With AI And Cloud Innovation
Cyber security experts offer insights into how to manage service levels, potential lock-in clauses and security gaps in IT supplier contracts
more →
Backup Central, Monday, September 22nd, 2025
The Three Types Of Insider Threats That Could Destroy Your Company
When most people think about cybersecurity, they picture hackers in hoodies breaking through firewalls from some remote location.
more →
Security Boulevard, September 20,2025
Vulnerability Management And Remediation Solution
Understanding Vulnerability Management in the Enterprise Context
more → DARKReading, September 19,2025
Capture The Flag Competition Leads To Cybersecurity Career
As Splunk celebrates the 10th anniversary of Boss of the SOC competition, it continues to be a valuable platform for security professionals to test their skills, learn new techniques, and potentially advance their careers.
more → Techradar, September 19,2025
Most Companies Admit Their Current Security Can't Stop AI Cybercrime
IT leaders are increasingly worried about AI-powered attacks
more → Security Boulevard, September 18,2025
Getting Better Results from NHI Security
How Can We Achieve Better NHI Security?
more → Security Boulevard, September 18,2025
Insider Threats And The Power Of Just-In-Time Privileged Access
For compliance leaders, legal teams, and executives, staying static means falling behind: missed deadlines, unexpected liabilities, and reputational risk are now real dangers. This article walks through the evolving compliance landscape in 2025, showing how organizations can anticipate shifts, build resilient programs, and adapt not just to survive but to prosper in a world where regulatory uncertainty is the new normal.
more → Help Net Security, September 18,2025
Global Hiring Risks: What You Need To Know About Identity Fraud And Screening Trends
Hiring new employees has always carried some risk, but that risk is growing in new ways, and identity fraud is becoming more common in the hiring process. HireRight's 2025 Global Benchmark Report takes a close look at how organizations around the world are handling background screening. The findings come from more than 1,100 HR and risk management professionals across North America, EMEA, and APAC.
more → SC Media, September 17,2025
How Exposure Management Could Have Prevented This Data Breach
Dissecting a $250M breach - How one of North America's largest banks, despite a strong cybersecurity posture, fell victim to a chained cloud exploit that exposed more than 100 million customer records.
more → Analytics Insight, September 16,2025
How Cybercriminals Use AI To Build Fake Websites That Fool You
A Detailed Overview of How Cybercriminals Use Advanced Technology to Create Fake Websites and Scam the Masses
more →
Security Boulevard, September 15,2025
An Overview Of Passwordless Authentication
The Password Problem: Why Passwordless?
more → The Hacker News, September 15,2025
6 Browser-Based Attacks Security Teams Need To Prepare For Right Now
Attacks that target users in their web browsers have seen an unprecedented rise in recent years. In this article, we'll explore what a "browser-based attack" is, and why they're proving to be so effective.
more →
DARKReading, September 15,2025
Building Resilient IT Infrastructure From The Start
CISA's Secure by Design planted a flag. Now, it's on those who care about safeguarding systems to pick up the torch and take action to secure systems throughout the enterprise.
more → Help Net Security, September 15,2025
Most Enterprise AI Use Is Invisible To Security Teams
Most enterprise AI activity is happening without the knowledge of IT and security teams. According to Lanai, 89% of AI use inside organizations goes unseen, creating risks around data privacy, compliance, and governance.
more → SC Media, Friday, September 12th, 2025
Why Security Automation Must Evolve In The Age Of AI
Speed has always been a priority in security operations. But in today's SOC, speed without precision can exacerbate the damage of a cyberattack. A hasty, overbroad automated response can disrupt core systems and business operations, eroding trust and driving costs.
more → Help Net Security, Wednesday, September 10th, 2025
AI Agents Are Here, Now Comes The Hard Part For CISOs
AI agents are being deployed inside enterprises today to handle tasks across security operations. This shift creates new opportunities for security teams but also introduces new risks.
more → Help Net Security, Wednesday, September 10th, 2025
CISOs, Stop Chasing Vulnerabilities And Start Managing Human Risk
Breaches continue to grow in scale and speed, yet the weakest point remains unchanged: people. According to Dune Security's 2025 CISO Risk Intelligence Survey, over 90 percent of incidents still originate from user behavior rather than technical flaws.
more → Security Boulevard, Wednesday, September 10th, 2025
Best Identity And Access Management (IAM) Software
In today's interconnected world, securing your organization's digital assets and ensuring only the right people have access is paramount. Identity and Access Management (IAM) software provides the crucial framework to achieve this, controlling who can access what information and resources.
more → Solutions Review, Tuesday, September 9th, 2025
AI-Powered Cyber Threats: A CTO's Perspective on Next-Generation Threat Intelligence
In 2025, the cybersecurity landscape will have taken on an entirely different level of sophistication: AI and machine learning will be the future attack vectors, and teams will need AI to master them. As a technologist who experienced the transition from signature-based detection to behavioral analytics, I see a significant shift in how attackers work, and our enterprise counterparts had better take notice. Recent industry intelligence shows a 19 percent climb in CISO concerns around AI-powered cyber threats, indicating that conventional security paradigms desperately need a strategic overhaul.
more →
Help Net Security, Monday, September 8th, 2025
Cybersecurity Research Is Getting New Ethics Rules, Here's What You Need To Know
Top cybersecurity conferences are introducing new rules that require researchers to formally address ethics in their work. Starting with the 2026 USENIX Security Symposium, all submissions must include a stakeholder-based ethics analysis.
more → Dark Reading, Monday, September 8th, 2025
The Critical Failure In Vulnerability Management
Organizations are seeking assistance to fix critical vulnerabilities. Solutions that orchestrate and automate network device protection put us on the right path.
more → Cyber Defense, Sunday, September 7th, 2025
Your Cyber Policy is a Security Control: Why CISOs Need a Seat at the Table
It's that time of the year again- time to renew the corporate cyber insurance policy, and as the most senior cyber security professional in the company you are asked to fill out the annual cyber security questionnaire.
more → Security Boulevard, Thursday, September 4th, 2025
Making Self-Service Password Reset And Account Recovery Secure
Self-service password reset (SSPR) and self-service account recovery (SSAR) are essential for reducing IT workload and empowering users. However, these solutions, if not implemented securely, can become an organization's biggest security hole.
more → techradar.pro, Thursday, September 4th, 2025
Aligning It And Security Teams For Optimal Business Success
How can IT and Security teams become more aligned?
more → The Register, Wednesday, September 3rd, 2025
DDoS Is The Neglected Cybercrime That's Getting Bigger. Let's Kill It Off
Don't worry, there's a twist at the end
more →
ZDNet, Wednesday, September 3rd, 2025
I'm Ditching Passwords For Passkeys For One Reason - And It's Not What You Think
Passkeys promise to replace passwords. The reality is far more confusing. But you should move to them anyway. Here's why.
more →