SecurityWeek

CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.

SaaS app log analysis highlights the rapid smash and grab raid: in, steal, and leave in 30 minutes.

After a cybersecurity incident, what should organizations do to learn from it and improve their security posture for the future?

In modern security parlance, ‘immutable’ has three primary associations: immutable servers, immutable backup, and immutable data.

The US is offering up to $10 million for Iranian individuals accused of hacking water utility industrial control systems last year.

Vulnerabilities found in solar power systems could have been exploited by hackers to cause disruption and possibly blackouts.

AWS has patched vulnerabilities in several products, including flaws that could have been exploited to take over accounts.

Censys has found more than 40,000 internet-exposed ICS devices in the US, and notifying owners is in many cases impossible.

Researchers disclose the details of GhostWrite, a RISC-V CPU vulnerability that can be exploited to gain full access to targeted devices.

Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.

The UK Information Commissioner’s Office announced its intention to fine Advanced Computer Software Group £6.09 million.

Scamnetic emerges from stealth mode with an AI-based scam detection solution and over $1 million in pre-seed funding.

What does “secure by default” mean for the average company as you implement security systems and protocols?

The ransomware scourge is still growing and still successful for attackers, Rapid7’s Ransomware Radar Report 2024 shows.

LoanDepot reported expenses totaling nearly $27 million related to the ransomware attack that came to light in January 2024.

A Chrome 127 update patches five vulnerabilities, and Firefox 129 addresses over a dozen security holes.

Microsoft is trying to determine “why other airlines were able to fully restore business operations so much faster than Delta.”

CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a "confluence" of vulnerabilities and testing gaps.

A ransomware attack targeted the central data systems of Paris’ Grand Palais and other museums in the Réunion des Musées Nationaux network.

Samsung has paid out nearly $5 million through its bug bounty program since 2017 and the tech giant announced that the top reward has increased to $1 million.