SecurityWeek

A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes.

Microsoft is trying to determine “why other airlines were able to fully restore business operations so much faster than Delta.”

CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a "confluence" of vulnerabilities and testing gaps.

A ransomware attack targeted the central data systems of Paris’ Grand Palais and other museums in the Réunion des Musées Nationaux network.

Samsung has paid out nearly $5 million through its bug bounty program since 2017 and the tech giant announced that the top reward has increased to $1 million.

Modern ransomware attacks are multi-staged and highly targeted. First, attackers research the target organization and its employees.

Hackers targeted MDM firm Mobile Guardian and remotely wiped thousands of devices, but there is no evidence of data compromise.

Email security firm Abnormal Security has raised $250 million in a Series D funding round at a $5.1 billion valuation. 

Microsoft paid out $16.6 million to over 340 security researchers through its bug bounty programs over the past year.

CrowdStrike and Delta are fighting over who is to blame for the airline canceling thousands of flights following the massive outage.

Google has patched CVE-2024-36971, a high-severity kernel zero-day vulnerability in Android that has been exploited in targeted attacks. 

AWS says a massive neural network graph model with 3.5 billion nodes and 48 billion edges is speeding up the prediction and detection of malicious domains.

The introduction of AI can bring benefits to the enterprise while not introducing additional risk that is beyond acceptable levels.

Chinese group StormBamboo spotted delivering Windows and macOS malware by compromising an ISP and using DNS poisoning.

Nakasone will assess the firm’s investments and offer strategic support to portfolio companies in the fight against adversarial advances in the cyber domain.

A new Linux kernel exploitation technique named SLUBStick makes heap vulnerabilities more dangerous. 

Organizations are being warned of a newly discovered Apache OFBiz vulnerability as exploitation of another recent flaw is observed.

The US Justice Department has sued TikTok, accusing the company of illegally collecting children’s data and violating an online privacy law.

Keytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.

Einstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI.