Enterprise Security Tech

A DragonForce ransomware attack has exposed a new problem for enterprise defenders: attackers are no longer just hiding behind disposable servers and shady domains. They are increasingly blending into the trusted cloud services companies rely on every day. Broadcom’s Symantec and Carbon Black threat hunters say they found a new Go-based backdoor, tracked as Backdoor.Turn, during an investigation into an attack on a U.S. services company. The malware is notable because it rout

Eastman Kodak has confirmed it is investigating a data breach after the ShinyHunters extortion group claimed it stole more than 2.2 million records containing customer personally identifiable information and internal corporate data. Kodak said an unauthorized third party briefly accessed a limited amount of company data and that outside cybersecurity experts are helping determine what was accessed and copied. The company said it is working with law enforcement and does not be

Cinchy has appointed cybersecurity veteran J.Paul Haynes as chief executive officer, a move that signals the company’s push to position itself at the center of enterprise AI governance, data access control, and secure AI adoption. The appointment comes as companies move from generative AI pilots into more serious deployments involving copilots, automated workflows, and AI agents that can access sensitive business data. That shift is raising a harder question for security and

BreachRx has appointed Phil Venables, partner at Ballistic Ventures and former CISO of Google Cloud and Goldman Sachs, to its board of directors, a move that signals how quickly cyber incident response is becoming a board-level systems problem. The company, which builds cyber incident response management software, is positioning Venables’ appointment around a larger shift in enterprise security: breaches, privacy events, third-party outages, rogue AI agents, and regulatory de

ArmorCode is expanding its Agentic AI Platform with new capabilities designed to help manufacturers prepare for the European Union’s Cyber Resilience Act, a sweeping cybersecurity regulation that will force companies selling digital products in Europe to prove they can find, manage, disclose, and remediate serious vulnerabilities on strict timelines. The update targets makers of products with digital elements, a broad category that can include connected devices, software-enab