Latest News

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

More than a dozen new Mac malware families were discovered in 2022, including information stealers, cryptocurrency miners, loaders, and backdoors, and many of them have been linked to China.

Secure access service edge (SASE) provider Netskope on Thursday announced that it has raised $401 million in an oversubscribed financing round. To date, the company has raised close to $1.5 billion.

In a recent attack against a Ukrainian organization, Russian state-sponsored threat actor Turla leveraged legacy Andromeda malware likely deployed by other hackers via an infected USB drive, Mandiant reports.

The cybercriminals behind the Dridex banking trojan have adopted a new tactic in recent attacks targeting macOS devices, overwriting the victim’s document files to deliver their malicious code, Trend Micro reports.

More than 200 government, education, and healthcare organizations in the United States fell victim to ransomware in 2022, data gathered by cybersecurity firm Emsisoft shows.

Many devices made by Microsoft, Lenovo, Samsung and likely others are affected by potentially serious UEFI firmware vulnerabilities in Qualcomm Snapdragon chips.

Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources.

France's data regulator said Wednesday that it had fined Apple eight million euros ($8.5 million) for breaching privacy laws on its App Store.The CNIL said the US tech giant had installed trackers on the devices of French users without directly asking their consent, allowing it to place targeted ads within the App Store.

The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines.

Zoho this week announced patches for a high-severity SQL injection vulnerability in ManageEngine Password Manager Pro, PAM360, and Access Manager Plus.ManageEngine is an enterprise software solution offering management capabilities for endpoints, enterprise services, identity and access, IT operations, and security information and events.

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car functions and start or stop the engine.

US burger chain Five Guys has disclosed a data breach impacting job applicants, and the company may be facing a lawsuit over the cybersecurity incident.Five Guys appears to have started informing customers on December 29, when it also notified state authorities about the incident.

Enterprise communication and collaboration platform Slack has informed customers that hackers have stolen some of its private source code repositories, but claims impact is limited.