SecurityWeek

Carnival Corp. said Thursday that a data breach in March might have exposed personal information about customers and employees on Carnival Cruise Line, Holland America Line and Princess Cruises.

CDN, cybersecurity and cloud services provider Akamai has blamed an outage that occurred on Thursday on an issue with its Prolexic DDoS attack protection service.Akamai’s Prolexic Routed is a fully managed service designed to protect an organization’s online assets against distributed denial-of-service (DDoS) attacks.

Google’s ongoing struggles with in-the-wild zero-day attacks against its flagship Chrome browser isn’t going away anytime soon.

Google wants to bring “salsa” to drive enforcement at the software supply chain security party.

Gateley, a legal and professional services group in the UK, on Wednesday revealed that it’s investigating a cybersecurity incident that resulted in the exposure of some data, including client information.

US President Joe Biden delivered a stern warning Wednesday to Russian leader Vladimir Putin over ransomware attacks emanating from Russia, saying he was prepared to retaliate against any more cyber assaults on American infrastructure.

A Russian national accused of operating online services designed to help malware evade detection by security products was convicted this week in the United States.

Previously I explored why the importance of evaluating cybersecurity prior to mergers and acquisitions and the layers of security management that involves. However, the security strategy goes beyond having an understanding of what’s involved.

Industrial cybersecurity company Claroty on Thursday announced that it has raised $140 million in a Series D funding round, which brings the total raised by the firm to $235 million.

Cybersecurity researchers in Europe say they have discovered a flaw in an encryption algorithm used by cellphones that may have allowed attackers to eavesdrop on some data traffic for more than two decades.In a paper published Wednesday, researchers from Germany, France and Norway said the flaw affects the GPRS - or 2G - mobile data standard.

Ukrainian police have carried out nearly two dozen raids targeting alleged associates of a Russian-speaking ransomware gang it blamed for a half billion dollars in cyberattacks and extortion that hit the United States and South Korea especially hard.

Threat hunters at Kaspersky are sounding a warning for an Iranian APT actor that has been silently conducting domestic cyber-surveillance operations for the last six years.

The EU's proposed new rules to rein in tech giants risk undermining the security of the iPhone, Apple chief Tim Cook warned Wednesday.The European Union last year unveiled tough draft rules targeting tech giants like Apple, Google, Amazon and Facebook that could shake up the way Big Tech does business.

Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited.Google announced end-to-end encryption is now available in Android, but only for one-on-one conversations between users of the Messages app.

Google this week announced that it has released open source tools and libraries that can be used by developers to implement fully homomorphic encryption (FHE).

A critical vulnerability discovered in a ThroughTek P2P software development kit (SDK) used by multiple security camera manufacturers can be exploited to gain remote access to camera feeds.

Facebook is subject to EU privacy challenges from watchdogs in any of the bloc’s member states, not just its lead regulator in Ireland, the bloc’s top court ruled Tuesday, in a ruling that has implications for other big tech companies.

Even before the pandemic, the last couple of years has seen a series of seismic shifts in data privacy and security for companies. In 2021, there’s no denying things have changed. Some offices are opening up, but for many of us in the data security trenches, we’re still in the middle of a pandemic. Many of us are still firmly embedded in a protocol that’s been in place for more than a year now. 

Vulnerabilities discovered in some older Schneider Electric PowerLogic products can allow hackers to remotely take control of devices or disrupt them.

Vulnerabilities identified in the STEM Audio Table conference room speakerphone could be exploited by hackers for various purposes, including to eavesdrop on conversations, according to cybersecurity research firm GRIMM.