Cybersecurity firm Sophos Group plc today announced a new partnership with Boise State University’s Insitute for Pervasive Security to provide Boise State University access to Sophos’ endpoint security offerings to create experiential learning opportunities for students and assist in addressing the worldwide cybersecurity skill gap. The issues with a shortage of cybersecurity workers have been well-documented. A report from ...

Network automation platform startup BackBox Software Inc. today announced the launch of Network Vulnerability Manager, a new service that offers deep integration with vulnerability management for network teams. The new NVM, which is offered alongside BackBox’s existing Network Automation Platform, integrates automated operating system upgrades and network configuration management capabilities with network vulnerability management into ...

A new report from threat detection and response startup Vade Secure SASU finds a substantial increase in phishing and malware attacks in the third quarter, so large that the level of attacks is some of the highest ever recorded for any quarter. The Vade Q3 Phishing and Malware Report found that there was a 173% increase in phishing ...

The U.S. Cybersecurity and Infrastructure Agency, the Federal Bureau of Investigation and the Multi-State Information Sharing and Analysis Center today released a Cybersecurity Advisory over a recently disclosed vulnerability in Atlassian Corp.’s Confluence Data Center and Server that opens the door to malicious cyber threat actors. Tracked as CVE-2023-22515, the vulnerability has a Common Vulnerabilities and Exposure ...

Cisco Systems Inc. is warning customers of its IOS XE devices of a critical vulnerability that has no patch and is actively being exploited in the wild. The vulnerability, tracked as CVE-2023-20198, has been given the highest possible Common Vulnerabilities and Exposure score of 10 and is found in all Cisco IOS XE devices that have the ...

The Open Source Security Foundation today launched its Malicious Packages Repository, an open-source system for collecting and publishing cross-ecosystem reports of malicious packages. Claimed to be the first open-source system of its type, the repository was created in response to the rising number of attacks that include malicious open-source packages. Malicious packages, in terms of ...

Cloud data protection startup Nightfall AI today announced a new partnership with cybersecurity company Snyk Ltd. to provide developers with artificial intelligence-powered secrets scanning capabilities. Secrets, in terms of what Nightfall scans for, are passwords, application programming interface keys, token and database credentials used by applications to validate users’ identities, ensure secure communications and provide access to privileged ...

Enterprise identity protection and cyber resilience startup Semperis Ltd. today announced the expansion of Forest Druid, its community-driven attack path management tool, to include support for Microsoft Entra ID, the service previously known as Azure AD. The additional support, coming after the company added support for Okta Inc. to its Purple Knight tool in August, is designed ...

In commemoration of the 20th anniversary of Cybersecurity Awareness Month, Google LLC today introduced various updates and initiatives to enhance cybersecurity and ensure user-friendly online experiences. Cybersecurity Awareness Month was created in 2004 as a collaborative effort between the U.S. government and industry to ensure users have the resources they need to stay safer and ...

Simpson Manufacturing Co. Inc., an engineering firm and building material provider in the U.S., has been struck by a cyberattack that caused disruptions in its information technology infrastructure and applications. The disclosure was made in a filing with the Securities and Exchange Commission, with the company saying that after becoming aware of the malicious activity, ...