Enterprise Security Tech

Tenable security researchers have uncovered a pair of previously unknown vulnerabilities in Google Looker  that, when chained together, could allow attackers to take complete control of a Looker instance and, in cloud environments, potentially reach across customer boundaries. The flaws were were responsibly disclosed through Google’s Cloud Vulnerability Reward Program , and patched on Google-managed systems. The risk now falls squarely on organizations that run Looker them

Coinbase has confirmed a newly disclosed insider breach after a contractor improperly accessed sensitive customer data late last year, adding to a growing list of incidents that show how fragile trust boundaries can become when internal tools fall into the wrong hands. The cryptocurrency exchange said the incident occurred in December and affected roughly 30 customers. According to the company, the access was detected by its internal security team and tied to a single contra

Cydome is taking aim at one of clean energy’s most stubborn security gaps: how to protect offshore wind farms that are expensive, dangerous, and sometimes impossible to physically reach. The maritime and critical infrastructure security firm this week unveiled a deployment model designed specifically for offshore renewable energy facilities, where traditional cybersecurity assumptions break down. Instead of requiring new hardware or on-site technicians, the company’s softwar

Cynet is sharpening its focus on adversary intelligence with the appointment of MacKenzie Brown as Vice President of Threat Intelligence Strategy, a move that reflects how quickly the economics of cyber defense are changing for managed service providers and their customers. The company, Cynet, has built its reputation around a unified security platform designed to surface attacker behavior in real time. But visibility alone does not win modern cyber battles. Attackers automa

Security teams have spent years tuning their defenses to catch malicious links and suspicious attachments. Attackers have responded by removing the obvious signals altogether. Forcepoint X-Labs researchers have uncovered a phishing campaign that relies on a quiet, multi-stage chain built from tools most enterprises implicitly trust: PDFs, mainstream cloud storage, and a familiar SaaS login brand. There is no malware payload, no overtly malicious URL in the email body, and no