Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Australian financial services provider Latitude says roughly 14 million user records were stolen in a recent cyberattack.

Webinar on third-party identity access risks will discuss topics such as unauthorized access, data breaches, and the manipulation or theft of sensitive information

The UK’s National Crime Agency has been running several DDoS-for-hire websites to collect information about individuals looking to launch such attacks.

Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.

Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes on organizations to start hunting for signs of compromise.

Executive order will require the head of any U.S. agency using commercial spyware programs to certify that the program doesn’t pose a significant counterintelligence or other security risk.

Security researchers raked in more than $1 million in prizes at this year’s CanSecWest Pwn2Own software exploitation contest.

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra’s GoAnywhere software.

Law enforcement in Australia announce the arrest of four individuals accused of running business email compromise (BEC) schemes.

Criminals are set to take advantage of artificial intelligence like ChatGPT to commit fraud and other cybercrimes, Europe’s policing agency warned.

GitHub replaced the RSA SSH private key used to secure Git operations for GitHub.com after it was exposed in a public GitHub repository.

Twitter sent a copyright notice to code hosting service GitHub to request the removal of a repository that contained Twitter source code.

Intel Corp. co-founder Gordon Moore, who the breakneck pace of progress in the digital age with a simple 1965 prediction of how quickly engineers would boost the capacity of computer chips, has died. He was 94.

CVE-2023-23397 CVE-2023-23397

Microsoft says it has evidence that Russian APT actors were exploiting a nasty Outlook zero-day as far back as April 2022, upping the stakes on organizations to start hunting for signs of compromise.

Twitter Source Code Leaks on GitHub Twitter Source Code Leaks on GitHub

Twitter sent a copyright notice to code hosting service GitHub to request the removal of a repository that contained Twitter source code.

Tesla hacked at Pwn2wn Tesla hacked at Pwn2wn

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing at the annual Pwn2Own contest.

Top Cybersecurity Headlines

Australian financial services provider Latitude says roughly 14 million user records were stolen in a recent cyberattack.

Webinar on third-party identity access risks will discuss topics such as unauthorized access, data breaches, and the manipulation or theft of sensitive information

The UK’s National Crime Agency has been running several DDoS-for-hire websites to collect information about individuals looking to launch such attacks.

Apple has released security updates for older iPhones to address a vulnerability exploited in attacks.

SecurityWeek Industry Experts

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents. (Sponsored by: Immersive Labs)

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems. (Sponsored by: Saviynt)

Register

Upcoming Virtual Events

Attack Surface Management Summit

As network defenders adopt Attack Surface Management tools to continuously monitor for signs of weaknesses, this event will share best practices and actionable information to reduce risk from exposed attack surfaces.

Learn More
Ransomware Resilience & Recovery Summit

This event will separate hype from reality. SecurityWeek’s Ransomware Resilience and Recovery Summit will help cybersecurity teams to plan, prepare, and recover from ransomware incidents that continue to impose major costs businesses.

Learn More
Supply Chain Security Summit

The surge in software supply chain attacks has sent defenders scrambling to find mitigations and solutions. This event will address the complex nature of the problem, best practices for mitigating security issues, and tools and frameworks available.

Learn More
Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More

Vulnerabilities

Cybercrime

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing at the annual Pwn2Own contest.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Twitter sent a copyright notice to code hosting service GitHub to request the removal of a repository that contained Twitter source code.

Cloud Security

Cloud Security

The U.S. government’s cybersecurity agency ships a new tool to help network defenders hunt for signs of compromise in Microsoft’s Azure and M365 cloud...