Security Experts:

WRITE FOR US

IT Security News Headlines

rss icon

Virginia County Confirms Personal Information Stolen in Ransomware Attack
Project Zero Flags 'Patch Gap' Problems on Android
Irish Regulator Fines Meta 265 Million Euros Over Data Breach
Hack-for-Hire Group Targets Android Users With Malicious VPN Apps
Crackdown on African Cybercrime Leads to Arrests, Infrastructure Takedown
long dotted

More Security Headlines

Twitter Data Breach Bigger Than Initially Reported
A massive Twitter data breach disclosed a few months ago appears to be bigger than initially reported, possibly with over 100 million accounts impacted. [Read More]
Cisco ISE Vulnerabilities Can Be Chained in One-Click Exploit
Vulnerabilities in Cisco ISE could lead to the injection of arbitrary commands, security protection bypass, and XSS attacks. [Read More]
Google Patches Eighth Chrome Zero-Day of 2022
Google releases emergency Chrome update to address actively exploited zero-day vulnerability. [Read More]
US Bans Huawei, ZTE Telecoms Gear Over Security Risk
US authorities announced a ban on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear from Chinese giants Huawei Technologies and ZTE. [Read More]
EU Parliament Website Attacked After MEPs Slam Russian 'Terrorism'
The European Parliament website was hit by a cyberattack claimed by pro-Russian hackers shortly after lawmakers approved a resolution calling Moscow a "state sponsor of terrorism". [Read More]
Proofpoint: Watch Out for Nighthawk Hacking Tool Abuse
Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
Cross-Tenant AWS Vulnerability Exposed Account Resources
A cross-tenant vulnerability in AWS abused the AppSync service to provide access to resources within a target organization’s account. [Read More]
Facebook Parent Meta Links Influence Campaign to US Military
Facebook parent Meta says the US military was behind tens of recently removed accounts, pages and groups that were part of an influence operation. [Read More]
Microsoft Warns of Boa Web Server Risks After Hackers Target It in Power Grid Attacks
Microsoft has warned organizations about the risks associated with Boa, a discontinued web server, after hackers exploited it in attacks aimed at a power grid. [Read More]
CISA Updates Infrastructure Resilience Planning Framework
CISA has released an updated version of IRPF, which provides responders with new tools and guidance for improving infrastructure resilience. [Read More]

SecurityWeek Experts

rss icon

Gordon Lawson's picture
Digesting CISA's Cross-Sector Cybersecurity Performance Goals
Gordon Lawson - Compliance
Basic cyber hygiene may seem rudimentary, but as highlighted in CISA’s four key challenges above, it is something organizations of all sizes struggle with.
Read full story
Torsten George's picture
Cyber Resilience: The New Strategy to Cope With Increased Threats
Torsten George - Network Security
When implemented properly, cyber resilience can be considered a preventive measure to counteract human error, malicious actions, and decayed, insecure software.
Read full story
Galina Antova's picture
Risk Mitigation Strategies to Close the XIoT Security Gap
Galina Antova - ICS/OT
Understanding the vulnerability landscape of the XIoT to properly assess and mitigate risk is critically important to protect livelihoods and lives.
Read full story
Marc Solomon's picture
Balancing Security Automation and the Human Element
Marc Solomon - Incident Response
When we start to consider the human element of the security automation equation, and its impact on the automation capabilities we select and how we measure progress, we can accelerate automation initiatives and the benefits we derive.
Read full story
Joshua Goldfarb's picture
Bringing Bots and Fraud to the Boardroom
Joshua Goldfarb - Fraud & Identity Theft
If security can learn to communicate in a way that executives and boar members can understand, internalize, and act upon, it serves to benefit tremendously.
Read full story
Derek Manky's picture
Offense Gets the Glory, but Defense Wins the Game
Derek Manky - Incident Response
Organizations may better align their defenses to adapt and react proactively to rapidly changing attack approaches when they have a better grasp of the objectives and strategies employed by their adversaries.
Read full story
Jeff Orloff's picture
Tailoring Security Training to Specific Kinds of Threats
Jeff Orloff - Training & Certification
By focusing on attack tactics and techniques that pose clear and present danger to the business, a company can achieve the greatest return on its training initiatives.
Read full story
Gordon Lawson's picture
How to Prepare for New SEC Cybersecurity Disclosure Requirements
Gordon Lawson - Incident Response
The new SEC requirements are putting on paper what many companies—public and private—should have been investing in already.
Read full story
Landon Winkelvoss's picture
Leveraging Managed Services to Optimize Your Threat Intelligence Program During an Economic Downturn
Landon Winkelvoss - Risk Management
How organizations can use managed services to optimize their threat intelligence program during an economic downturn.
Read full story
Torsten George's picture
Cybersecurity Awareness Month: 5 Actionable Tips
Torsten George - Network Security
Here are five best practices for defeating against most attacks, hopefully making the need for future Cybersecurity Awareness Months obsolete.
Read full story