CISO role shows significant gains amid corporate recognition of cyber risk

Microsoft embraces common weakness enumeration standard for vulnerability disclosure

FBI director echoes past warnings, as critical infrastructure hacking threat festers

With Sisense compromise, the race begins to understand the impact

SEC cyber disclosure rules put CISO liability under the spotlight

Barracuda patch bypassed by novel malware from China-linked threat group

CrowdStrike soars on security tool consolidation demand

US leads takedown of Qakbot malware, which automated initial infections

Cyber insurance providers increase scrutiny on enterprise risk, report finds

Corporate boards expand cybersecurity risk oversight, report finds

Software industry urged to assume risk on open source security

Barracuda ESG zero-day exploit still under way after patches fail

Hackers target Pentagon contract site via compromised routers

SentinelOne pursues potential sale amid slow growth, report says

Palo Alto Networks closely watched ahead of late Friday Q4 report

Suncor CEO says company mostly recovered from June cyberattack

SEC cyber rules ignite tension between reputation and security risk

Microsoft, cloud security under the microscope with federal cyber review

White House wants input on open source security, memory-safe languages

New York rolls out statewide cybersecurity strategy

NIST releases draft overhaul of its core cybersecurity framework

Rapid7 to cut 18% of workforce, shutter certain offices

AWS pledges $20M to K-12 cyber training, incident response

CISA seeks to address visibility, resilience in 3-year strategic plan

White House rolls out millions in funding to combat K-12 cyberattacks

Broad SBOM adoption takes root as businesses watch their supply chains

Tenable CEO calls out Microsoft delay on months-old Azure vulnerability

Businesses improved cyber incident response times following Log4j, report finds

White House looks to close massive cyber skills gap

Reddit names seasoned IT security leader as new CISO

New Jersey Supreme Court to hear Merck insurance dispute over NotPetya attack

TSA revises security directives for oil and gas pipelines to test resilience

SEC votes to overhaul disclosure rules for material cyber events

White House taps longtime military, intelligence leader for national cyber director

New York cyber lead warns of what states face in critical infrastructure defense

Citrix zero day exposes critical infrastructure, one provider hit

Microsoft attackers may have data access beyond Outlook, researchers warn

DDoS attacks, growing more sophisticated, surged in Q2

Microsoft offers free security logs amid backlash from State Department hack

White House unveils consumer labeling program to strengthen IoT security

Microsoft hardens key issuance systems after state-backed hackers breach Outlook accounts

Cybersecurity funding drops sharply in Q2

IronNet restructures management in deal to go private

RomCom uses Word documents in new phishing campaign, Microsoft warns

Microsoft warns China-linked APT actor hacked US agency, other email accounts

Rockwell Automation, Honeywell warned of critical vulnerabilities in industrial products