A zero-day vulnerability in Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data.
Kaspersky said its corporate network has been targeted with a zero-click iOS exploit, just as Russia’s FSB said iPhones have been targeted by US intelligence.
A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations.
When teams have a way to break down enterprise silos and see and understand what is happening, they can improve protection across their increasingly dispersed and diverse environment.
Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape.
Industry standard frameworks and guidelines often lead organizations to believe that deploying more security solutions will result in greater protection against threats.
With proactive steps to move toward Zero Trust, technology leaders can leverage an old, yet new, idea that must become the security norm.
A wave of layoffs, coupled with increased recruitment efforts by cybercriminals, could create the perfect conditions for insider threats to flourish
SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.
RegisterSecurityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.
Regsiter
Burnout in Cybersecurity – Can It Be Prevented?
Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.
Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.
SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence. (May 24, 2023)
Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)
As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)
-
A zero-day vulnerability in Progress Software’s MOVEit Transfer product has been exploited to hack organizations and steal their data.
-
Google is offering a bug bounty reward of up to $180,000 for a full chain exploit leading to a sandbox escape in the Chrome…
-
Critical authentication bypass and high-severity command injection vulnerabilities have been patched in Moxa’s MXsecurity product.
-
Adobe is inviting security researchers to join its private bug bounty program on the HackerOne platform.
-
A Mirai botnet has been exploiting a recently patched vulnerability tracked as CVE-2023-28771 to hack many Zyxel firewalls.
-
A credential phishing campaign using the legitimate SuperMailer newsletter distribution app has doubled in size each month since January 2023.
-
Wisconsin teen Joseph Garrison is charged with launching a credential stuffing attack that affected roughly 60,000 user accounts.
-
Security researchers have identified the second developer of Golden Chickens, a malware suite used by financially-motivated hacking groups Cobalt Group and FIN6.
