SecurityWeek

Cisco’s Smart Install protocol is still being abused in attacks — five years after the networking giant issued its first warning — and there are still roughly 18,000 internet-exposed devices that could be targeted by hackers.

Intel this week announced the availability of patches for 73 vulnerabilities identified across multiple products, including several high-severity flaws that can be exploited to escalate privileges.According to Intel, more than half of the bugs were discovered internally and 40% were reported through its bug bounty program.

Cyber risk management solutions provider Brinqa this week announced that it received $110 million in growth capital from private equity firm Insight Partners.

A pipeline company CEO on Tuesday defended his decisions to abruptly halt fuel distribution for much of the East Coast and pay millions to a criminal gang in Russia as he faced down one of the most disruptive ransomware attacks in U.S. history.

Industrial automation giants Siemens and Schneider Electric on Tuesday released several security advisories to inform customers about tens of vulnerabilities affecting their products. The companies have provided patches and recommendations for reducing the risk of exploitation.

One drug trafficker texted another that he had a "job" and a proven way to get it done: two kilograms of cocaine from Bogota using the French embassy's protected diplomatic pouch.

Automated endpoint management startup Aiden Technologies on Tuesday announced that it closed a $2.9 million seed funding round led by Right Side Capital Management.Congress Avenue Ventures, the Gaingels, and SAJE Investments also participated in the round, along with various advisors and strategic individual investors.

German software maker SAP this week released 17 new security notes documenting security vulnerabilities being fixed as part of the company's June 2021 SAP Security Patch Day.

New York City’s law department was been hit with a cyberattack that forced officials to take the 1,000-lawyer agency offline, but Mayor Bill de Blasio said he believes no data was compromised in the hack.

Microsoft’s Patch Tuesday will take on extra urgency this month with the news that at least six previously undocumented vulnerabilities are being actively exploited in the wild.

Adobe’s product security response machine revved into high gear this week with the release of multiple patches for gaping security holes in widely deployed software products.

Organizations have been warned about denial of service (DoS) vulnerabilities found in RabbitMQ, EMQ X and VerneMQ, three widely used open source message brokers.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced that it has partnered with the crowdsourced cybersecurity community for the launch of its vulnerability disclosure policy (VDP) platform.

Google this week announced the availability of the latest monthly security patches for the Android operating system, which address more than 50 vulnerabilities, including several rated critical severity.

A couple of vulnerabilities discovered in industrial controllers made by WAGO, a German company specializing in electrical connection and automation solutions, can be exploited to disrupt technological processes, which in some cases could lead to industrial accidents, according to Russian cybersecurity firm Positive Technologies.

Police arrested more than 800 people worldwide in a huge global sting involving encrypted phones that were secretly planted by the FBI, law enforcement agencies said Tuesday.

The Justice Department has recovered most of a multimillion-dollar ransom payment made to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday.

United States trucks and military vehicles maker Navistar International Corporation has confirmed a cyberattack that resulted in some data being stolen.

A newly identified piece of malware that targets Windows Server containers can execute code on the underlying node and then spread in the Kubernetes cluster, according to a warning from security researchers at Palo Alto Networks.