All news in category “Events and Conferences”

🚀 Infosecurity Europe 2026 will introduce a new Cyber Startup competition and a dedicated Cyber Startups Zone, giving five emerging companies a platform to present technologies and connect with potential customers, partners and investors. The live pitching event takes place on Tuesday 2 June and will be judged by industry figures including Shlomo Kramer alongside CISOs Mun Valiji and Kirsty Kelly. The winner receives a prize package that includes a free exhibition stand at Infosecurity Europe 2027, PR support from Origin Communications and a brand workshop from Dusted.

🔒 At Pwn2Own Berlin (May 14–16), researchers uncovered 47 zero-day vulnerabilities and shared almost $1.3 million in prize money, with Devcore taking $505,000. The enterprise-focused competition targeted AI databases, coding agents, LLM toolchains and NVIDIA products. Notable wins included exploits against VMware ESXi, Microsoft Exchange, SharePoint and a sandbox escape on Microsoft Edge. ZDI will disclose the findings to vendors, who have 90 days to patch.

🏆 The Pwn2Own Berlin 2026 contest at OffensiveCon (May 14–16) awarded security researchers $1,298,250 for exploiting 47 zero-day vulnerabilities across browsers, enterprise apps, servers, virtualization, containers, LLMs and local privilege escalation. Competitors earned $523,000 on day one, $385,750 on day two, and $389,500 on day three. DEVCORE topped the leaderboard with $505,000 and 50.5 Master of Pwn points; Cheng‑Da Tsai secured the highest single payout of $200,000 for an Exchange RCE chain.

🔒 During day two of Pwn2Own Berlin 2026 at OffensiveCon (May 14–16), competitors earned $385,750 by exploiting 15 unique zero-day vulnerabilities across enterprise products, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux. Cheng-Da Tsai (Orange Tsai) earned $200,000 by chaining three bugs to achieve remote code execution as SYSTEM on Exchange, while other researchers demonstrated privilege escalations on Windows and RHEL and exploited the NVIDIA Container Toolkit. The AI category also saw multiple successes against coding agents such as Cursor AI and OpenAI Codex. Under Pwn2Own rules all targets run the latest patched OS versions and vendors receive a 90-day disclosure window to issue fixes.

🎤 Bruce Schneier lists his upcoming speaking engagements through July 2026, including virtual and European events. He will give a virtual talk on “The Security of Trust in the Age of AI” for the Financial Women’s Association of New York at 6:00 PM ET on May 21, 2026. He is scheduled to speak at the Potsdam Conference on National Cybersecurity (evening of June 24), the Digital Humanism Conference in Vienna on June 26, and the Nuremberg Digital Festival on July 1. The list is maintained on this page.

🔒 Tomorrow at 2:00 PM ET, BleepingComputer will host a live webinar titled "From phishing to fallout: Why MSPs must rethink both security and recovery," with Austin O'Saben and Adam Marget of Kaseya. The session explains why prevention alone is insufficient as AI-driven phishing, ransomware, SaaS abuse and BEC evolve faster than many defenses. It will show how attackers exploit trusted infrastructure and why organizations must combine security, backups and rapid recovery. Attendees will learn practical steps to reduce downtime and disruption.

🔒This webinar delivers a practical, technical playbook for identifying and neutralizing a corporate 'Patient Zero'—the first compromised device that enables rapid lateral movement. Speakers will unpack how generative AI enables stealthy phishing, the critical five-minute window, and how Zero Trust isolation halts spread. Attendees gain an actionable Recovery Blueprint to contain, remediate, and restore systems.

🔒 On May 14, 2026 at 2:00 PM ET, BleepingComputer will host a live webinar titled From phishing to fallout: Why MSPs must rethink both security and recovery with Austin O'Saben and Adam Marget of Kaseya. The session examines how AI-driven phishing, business email compromise, ransomware, and SaaS compromise are reshaping the threat landscape for managed service providers. Attendees will learn why prevention and recovery must operate together and how SaaS backups and a formal BCDR plan can reduce downtime and data loss.

🔔 On June 02, 2026 at 12:00 PM ET, BleepingComputer will host a live webinar titled From alert to containment: Fixing the gaps in network incident response with Edgar Ortiz, Solutions Engineering Leader at Tines. The session explores why incidents escalate when response processes—triage, enrichment, and routing—break down, not because of a lack of alerts. Attendees will learn how intelligence workflows that combine automation and AI can enrich alerts, prioritize and route incidents, and coordinate containment across systems to reduce response times and prevent broader service disruption.

🎖️ The Hacker News has opened submissions for the Cybersecurity Stars Awards 2026, a global recognition program celebrating excellence across products, companies, industry solutions, and professionals. The initiative aims to highlight often unseen defensive achievements and deliver visibility to CISOs, security leaders, and enterprise buyers. Submissions are accepted through May 15, 2026, and entries will be assessed via a structured, impartial review. Winners will be announced on May 26, 2026.

🤖 Join hands-on developer workshops across North America that teach secure, scalable deployment of agentic AI for enterprises. These sessions are practical, bring-your-laptop labs where Platform, Security, and Data practitioners build end-to-end solutions, including GKE cluster hardening, secure sandboxing, and governed data pipelines. Tracks cover GKE + Data and Data Engineering & Analytics, with guidance from Google experts. Attendees leave with runnable labs and operational best practices to accelerate production adoption.

🔒 BleepingComputer and Kaseya will host a live webinar on May 14, 2026 at 2:00 PM EDT examining how modern attacks — led by AI-driven phishing and brand impersonation — are outpacing traditional defenses. The session explains why many MSPs segregate security and backup functions, creating gaps that threat actors exploit after initial compromise. Attendees will learn how to combine prevention, detection, and rapid recovery with SaaS backups and a robust BCDR strategy to minimize downtime and data loss.

🔒 In February 2026 researchers flagged a major shift: threat actors now deploy custom AI agents that automate attacks through the kill chain, from Active Directory mapping to rapid Domain Admin takeover. Join a technical webinar with Picus Security leaders Kevin Cole and Gursel Arici for a deep dive into Autonomous Exposure Validation. Learn how to safely ingest threat intelligence, simulate attacks, and close the gap between CTI, Red, and Blue teams to speed detection and remediation.

🔎 Join BleepingComputer's live webinar on April 30 at 2:00 PM ET to learn how to spot early indicators of cyberattacks before they escalate. Experts from Flare Systems and threat intelligence researcher Tammy Harper will demonstrate how monitoring dark web forums, Telegram channels, vulnerability discussions, and access marketplaces surfaces actionable signals. The session will show how to separate meaningful indicators from background noise and translate intelligence into prioritized defensive actions so teams can proactively reduce risk.

🔒 Join a webinar with Ofer Gayer, VP of Product at Miggo Security, that examines how AI is accelerating automated exploitation and compressing the time between disclosure and active attack. The session explains the concept of the Collapsing Exploit Window and why traditional patch cycles and manual prioritization are no longer sufficient. Attendees will receive practical guidance on prioritizing real-world risk and applying mitigations such as virtual patching to defend at machine speed.

🚀 At Google Cloud Next '26, developers and practitioners are offered 55+ new hands-on codelabs, with a curated list of 10 highlighted labs designed to translate conference announcements into working code. Contributors Megan O'Keefe and Karl Weinmeister emphasize a practical shift—89% of sessions focus on AI—and these labs target multi-agent orchestration, data grounding, deployment, and enterprise security. Each lab provides step-by-step guidance to build, ground, secure, and scale agentic systems using Google Cloud tools.

▶️Google Cloud will host Next '26 developer livestreams — daily broadcasts from the show floor that deconstruct major announcements into hands-on demos, reproducible steps, and immediate developer workflows. Viewers can expect real-time coding, interviews with builders and community leaders, focused security and platform deep dives, and surprise guests. Streams air April 22–23 (times PT) across Google Cloud Tech channels, with replays available. Join the Gemini Enterprise Agent Ready (GEAR) program for curated post-event resources.

🔒 BleepingComputer will host a live webinar on May 14, 2026 at 2:00 PM ET that examines why managed service providers must align security and recovery strategies. Experts from Kaseya will explain how AI-driven phishing, BEC, and ransomware are evading traditional controls and how integrating backup and disaster recovery with detection reduces downtime. Attendees will receive practical guidance to strengthen MSP cyber resilience.

🔐 This live webinar explains why unmanaged non-human identities—service accounts, API tokens, AI agent connections, and OAuth grants—are now a primary vector for cloud breaches. You will learn a repeatable discovery process to surface every automated credential, a framework to right-size permissions, and how to implement an automated lifecycle policy so dead credentials are revoked. Attendees receive an Identity Cleanup Checklist to apply immediately.

🚚 Modern trucks are "rolling networks" loaded with communications systems, sensors, cloud-connected devices and Wi-Fi, creating expansive attack surfaces. Ben Wilkens of NMFTA warns that cybercriminals exploit the sector’s uptime pressure with ransomware, extortion and cyber-enabled cargo theft. Core hygiene—MFA, network segmentation, social engineering training and timely patching—can significantly reduce risk but must be adapted for small carriers. NMFTA advances research, guidance and an annual conference to help the industry collaborate and strengthen defenses.