Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

ConnectWise ships patches for extremely critical security defects in its ScreenConnect remote desktop access product and urges emergency patching.

Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day.

Supply chain security insights: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers.

Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos.

Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware.

Cactus ransomware has added Schneider Electric to its leak site, claiming to have stolen 1.5 terabytes of data.

The LockBit ransomware operation has been severely disrupted by an international law enforcement operation resulting in server seizures and arrests.

Recent Anatsa Android banking trojan attacks have become more targeted, showing an evolution in tactics.

Alleged Raccoon Infostealer operator Mark Sokolovsky is awaiting trial in the US, after being extradited from the Netherlands.

Russian cyberespionage group targets European government, military, and critical infrastructure entities via Roundcube vulnerabilities.

The BlackCat/Alphv ransomware group has taken credit for the LoanDepot and Prudential Financial attacks, threatening to sell or leak data.

Google’s new AI Cyber Defense Initiative focuses on boosting cybersecurity through artificial intelligence.

Chinese hackers use Android and iOS trojans to obtain information needed to steal money from victims’ bank accounts.

Executives from Adobe, Amazon, Google, IBM, Meta, Microsoft, OpenAI and TikTok gathered at the Munich Security Conference to announce a framework for how they respond to AI-generated deepfakes that deliberately trick voters.

Tel Aviv startup raises $8 million in Series A funding to help developers add secure access approval flows to applications.

Lockbit ransomware takedown Lockbit ransomware takedown

The LockBit ransomware operation has been severely disrupted by an international law enforcement operation resulting in server seizures and arrests.

MMS Fingerprint Hack MMS Fingerprint Hack

The existence of a previously unknown infection technique used by spyware firm NSO Group is suggested by a single line in a contract between NSO and the telecom regulator of Ghana.

Wi-Fi attack Wi-Fi attack

A couple of Wi-Fi authentication bypass vulnerabilities found in open source software can expose enterprise and home networks to attacks.

Top Cybersecurity Headlines

ConnectWise ships patches for extremely critical security defects in its ScreenConnect remote desktop access product and urges emergency patching.

Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day.

Supply chain security insights: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers.

Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the live webinar to learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Upcoming Virtual Events

CISOs and risk management leaders must understand clearly the role of cyber insurance in a robust security program, ongoing changes to premiums and policy pricing, the errors that could deny coverage and how it all fits into global incident response planning.

Learn More
Cyber AI & Automation Summit

SecurityWeek’s inaugural Cyber AI & Automation Summit pushes the boundaries of security discussions by exploring the implications and applications of predictive AI, machine learning, and automation in modern cybersecurity programs.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)

Learn More

As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)

Learn More

Vulnerabilities

Cybercrime

Supply chain security insights: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Only 54% of major code changes go through a full security review, a new CrowdStrike State of Application Security report reveals.