SecurityWeek

The Bank of England will make an assessment next year about the risks posed by artificial intelligence and machine learning.

Microsoft announced a major shakeup of its security hierarchy, removing the CISO and Deputy CISO and handing the reins to a recent hire.

iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days.

LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images.

The Shadowserver Foundation warns of an increase in the number of devices hacked via recent Cisco IOS XE vulnerabilities.

Chrome 120 was released in the stable channel with patches for 10 vulnerabilities, including five externally reported flaws.

The Dragos Community Defense Program is offering free OT cybersecurity software to small electric, water, and natural gas utilities in the US. 

A new GAO report reveals that 20 out of 23 US federal agencies have not fully implemented incident response plans.

US government agency was targeted in attacks that involved exploitation of an Adobe ColdFusion vulnerability tracked as CVE-2023-26360.

CISA has added to its Known Exploited Vulnerabilities Catalog four Qualcomm bugs, including three exploited as zero-days.

AI-powered attacks will become progressively more common, and a well-rounded security approach involves more than simply managing incidents effectively.

Forescout has found 21 vulnerabilities in Sierra Wireless OT/IoT routers that could expose critical infrastructure organizations to remote attacks. 

Personal genetics firm 23andMe said hackers accessed the personal information about 6.9 million of its members.

Facebook parent Meta and IBM launched a new group called the AI Alliance that’s advocating for an “open science” approach to AI development.

ArmorCode raises $40 million in a Series B funding round to help organizations ship secure applications.

Lasso warns of more than 1,600 leaked Hugging Face API tokens belonging to hundreds of organizations.

The details of 10 unpatched Loytec building automation product vulnerabilities have been disclosed two years after their discovery.

Israeli early-stage startup snags financing from Battery Ventures, PayPal Ventures and Nationwide Ventures.

BlackBerry attributes cyberattack against an aerospace organization in the US to a new threat actor named AeroBlade.

Thirty-four cybersecurity-related merger and acquisition (M&A) deals were announced in November 2023.