Members of Congress asked the U.S. Justice Department to investigate how foreign hackers breached a water authority near Pittsburgh, prompting CISA to warn other water and sewage-treatment utilities that they may be vulnerable.
The US has announced sanctions against North Korean cyberespionage group Kimsuky over its intelligence gathering activities.
Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
Cybersecurity predictions for 2024 to help security professionals in prioritizing efforts to navigate the ever-changing threat landscape.
When too much subjectivity is mixed into risk assessment, it can produce a risk picture that is not an accurate representation of reality.
It’s crucial to thoroughly assess the risk profiles of various SSE platforms and weigh their suitability against their organization’s risk tolerance before adopting SSE.
To share or not to share threat intelligence isn’t the question. It’s how to share, what to share, where and with whom.
By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI’s disruptive effects.
CISOs and risk management leaders must understand clearly the role of cyber insurance in a robust security program, ongoing changes to premiums and policy pricing, the errors that could deny coverage and how it all fits into global incident response planning.
SecurityWeek’s inaugural Cyber AI & Automation Summit pushes the boundaries of security discussions by exploring the implications and applications of predictive AI, machine learning, and automation in modern cybersecurity programs.
Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)
As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)
-
Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1.
-
Zyxel patches at least 15 security flaws that expose users to authentication bypass, command injection and denial-of-service attacks.
-
The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023.
-
Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure.
-
Office supply retail giant confirms security incident disrupted online orders, communications channels and customer service lines.
-
US Treasury sanctions Sinbad, saying the cryptocurrency mixer is laundering funds for North Korean hacking group Lazarus.
-
Amir Golshan of Los Angeles was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes.
-
Hacktivism is evolving. It is important for both the law and cyber defenders to understand the current and potential activity of hacktivism to better…
