SecurityWeek

A survey conducted recently by cybersecurity firm Fortinet showed that more than 90% of organizations that use operational technology (OT) systems have experienced some sort of cyber incident in the past year.

The Supreme Court on Thursday limited prosecutors’ ability to use an anti-hacking law to charge people with computer crimes.

A Nigerian national was arrested recently in the United States on charges related to hacking into user accounts at a payroll processing company, to steal payroll deposits.

Two members of the notorious Carbanak cybergang were sentenced to 8 years in prison, Kazakhstani authorities announced this week.

Enterprise security vendor Cisco has shipped fixes for a wide range of severity vulnerabilities, including patches for high-risk flaws in the widely deployed Webex Player, SD-WAN software, and ASR 5000 series software.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the availability of a new guide for cyber threat intelligence analysts on the use of the MITRE ATT&CK framework.

Trend Micro on Thursday disclosed the details of a recently patched privilege escalation vulnerability that has been found to impact macOS, iOS and iPadOS.

There’s a gap between the promise of a security technology and operational reality

Newly discovered cyber weapon uses elaborate multi-stage infection-chain to make detection and analysis difficult

Enterprise mobile security company Hypori this week announced it raised $20 million in a Series A funding round led by GreatPoint Ventures (GPV). To date, the company raised $33.9 million.

US President Joe Biden said Wednesday he is "looking" at possible retaliation after the White House linked Russia to a cyberattack against global meat processing giant JBS.

Cybersecurity professionals have seen a surge in cyberattacks in the past year, and many blamed the trend on more employees working from home due to the COVID-19 pandemic, according to a report published on Thursday by VMware.

The FBI has publicly confirmed that the REvil ransomware was used in the cyberattack that forced the world’s largest meat processing company to shut down systems.

oak9 on Wednesday announced the launch of its Infrastructure-as-Code (IaC) security platform, backed by a $5.9 million seed funding round.IaC is the process of managing and provisioning of infrastructure through code instead of through manual processes.

FireEye (NASDAQ: FEYE) on Wednesday announced plans to sell its products business, including the FireEye name, as part of a $1.2 billion transaction that splits off the Mandiant Solutions unit from the company’s endpoint protection and cloud security products.

Microsoft’s aggressive push to ferret out security problems in the firmware powering IoT devices took on new urgency this week with the acquisition of ReFirm Labs, an early-stage startup that helps businesses pinpoint and fix weak links at the firmware layer.

The world’s largest meat processing company has resumed most production after a weekend cyberattack, but experts say the vulnerabilities exposed by this attack and others are far from resolved.

Steamship Authority Hit by Cyberattack 

Cisco’s Talos threat intelligence and research unit on Wednesday disclosed the details of several SMB-related vulnerabilities patched recently by Apple in its macOS operating system.SMB, which stands for Server Message Block, is a protocol for sharing files, printers, and serial ports. Apple’s own SMB stack is called SMBX.

More than 17,000 websites are exposed to attacks targeting a critical zero-day vulnerability in the Fancy Product Designer WordPress plugin, the Wordfence team at WordPress security company Defiant warns.