Penetration testing stories - Page 5

Sophos has launched Advisory Services, a new suite of cybersecurity tests to identify and fix security gaps within organisations, enhancing cyber resilience.

Astra Security has launched a new platform to identify and secure undocumented and shadow APIs, tackling rising threats from unmonitored digital interfaces.

ReveNet warns APAC's USD $55bn A2P SMS revenue faces steep decline without urgent operator action to tackle rising costs, fraud, and fragmented regulation.

Microsoft patches 176 vulnerabilities this September, including critical flaws in Azure Linux, SQL Server, and Azure HPC, with no current exploits reported.

Healthcare sector excels in preventing serious security flaws but takes nearly two months to fix them, risking sensitive data exposure amid rising cyber threats.

New DripDropper malware exploits then patches a Linux cloud flaw, securing exclusive access to servers via Apache ActiveMQ vulnerability CVE-2023-46604.

Rapid7 launches Vector Command Advanced, a platform combining automated and human-led tests to enhance security and simplify compliance with PCI, ISO 27001, and NIST.

CISO report reveals AI, supply chain, and insider threats prompt security leaders to adopt offensive strategies and continuous testing for better resilience.

New research shows 15% of CISOs fully leverage crowdsourced security to better tackle AI safety and data privacy challenges in large firms.

CREST launches Pathway and Pathway+ programmes to guide firms through staged progression towards full cyber security accreditation and trust.

A zero-day flaw in Microsoft SharePoint servers puts over 9,000 systems at risk, with active exploits threatening critical data security globally.

Check Point Software Technologies has earned CREST accreditation for its penetration testing services, affirming its high standards in cybersecurity assurance.

Spectrum names Deane Jessep CTO to lead New Zealand's sovereign AI strategy, tackling cloud costs, data sovereignty, and AI governance in enterprise and government sectors.

A race condition vulnerability in nopCommerce gift cards lets attackers redeem the same card repeatedly, exploiting a flaw in the checkout process.

Zyxel Networks adopts CISA's Secure by Design Pledge, enhancing SMB networking security with MFA, unique passwords, and transparent vulnerability reporting worldwide.

LevelBlue's acquisition of Trustwave creates the world's largest pure-play managed security services provider, enhancing global cyber defence capabilities.

New research reveals 84% of fintechs lack robust API security, exposing sensitive payment data to significant cyber risks beyond regulated sectors.

LevelBlue will acquire Trustwave, creating the world's largest pure-play managed security services provider with enhanced global cybersecurity capabilities.

AI powers 80% of phishing attacks, causing USD $112 million in losses in India by May 2025, as cybercrime evolves with machine-generated deception.

Trustwave reveals a surge in AI-driven and ransomware attacks, with tech firms facing 85% of global ransomware incidents amid rising cyber threats.