SecurityWeek

The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks.

The Chief Information Officer of Canada determined that WeChat and Kaspersky applications present an unacceptable level of risk to privacy and security.

A 20-year-old Floridian was sentenced to prison for his role in a hacking scheme that led to the theft of $1 million in cryptocurrency.

Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.

The LockBit ransomware gang claims to have stolen large amounts of data from aerospace giant Boeing.

New capability detects attacks on iMessage servers and allows users to verify a conversation partner’s identity.

Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.

Hackers have demonstrated 58 zero-days and earned more than $1 million in rewards at Pwn2Own Toronto 2023.

Are whistleblowers traitors to the company, a danger to corporate brand image, and a form of insider threat? Or are they an early warning safety valve that can be used to strengthen cybersecurity and compliance?

President Joe Biden on Monday will sign a sweeping executive order to guide the development of artificial intelligence — requiring industry to develop safety and security standards, and introducing new consumer protections.

Noteworthy stories that might have slipped under the radar: Ex-NSA employee spying for Russia, EU threat landscape report, cyber education funding

The StripedFly malware has APT-like capabilities, but remained unnoticed for five years, posing as a cryptocurrency miner.

A critical-severity vulnerability in F5 BIG-IP CVE-2023-46747 allows unauthenticated attackers to execute code remotely.

U.N. Secretary-General António Guterres assembled a global advisory panel to report on international governance of artificial intelligence and its risks, challenges and key opportunities.

Mirth Connect versions prior to 4.4.1 are vulnerable to CVE-2023-43208, a bypass for an RCE vulnerability.

Smart speakers, printers, routers, NAS devices, and mobile phones were hacked on the second day at Pwn2Own Toronto 2023.

AI cybersecurity firm Cranium has raised $25 million in Series A funding, which brings the total investment in the company to $32 million.

There are key steps every organization should take to leverage threat and event data across the lifecycle of a cyber incident.

Kansas is calling a massive computer outage that’s kept most of the state’s courts offline for 2 weeks a “security incident” and experts say it's likely ransomware.

CISA and the HHS have released resources for healthcare and public health organizations to improve their security.