SecurityWeek

Researchers at mobile security firm Lookout have published information on two recently discovered Android spyware families employed by an advanced persistent threat (APT) group named Confucius.

President Joe Biden's administration has asked a US federal court to pause proceedings aimed at banning TikTok to allow for a fresh review of the national security threat from the popular Chinese-owned video app.

An analysis of 30 popular mobile health (mHealth) applications has revealed that all of them expose the full patient records of millions of people.

Security Summits Series Offers Cybersecurity Professionals an Immersive Online Experience to Learn and Connect on Critical Issues

After members of Congress criticized as “disorganized” the U.S. response to a massive breach of government departments and private corporations discovered late last year, the White House announced Wednesday that a senior national security official had been leading the effort since the first day of the Biden administration.

Siemens this week released nine new security advisories describing vulnerabilities affecting the company’s products.

Police have arrested 10 people in the U.K., Belgium and Malta for allegedly hijacking mobile phones belonging to U.S. celebrities including internet influencers, sports stars and musicians to steal personal information and millions in cryptocurrency, authorities said.

While Working From Home We Need to Avoid Engaging in Practices That May Typically Circumvent Controls at Work

CYE, a Tel Aviv, Israel-based company on a mission to help companies identify “real-life” cyber risks by leveraging humans and machines, announced today that it has raised $100 million in growth funding through a financing round led by private equity firm EQT.

Enterprise IoT security company Armis on Wednesday announced another major funding round that brings its valuation to $2 billion.Armis said it raised $125 million in the latest round, which brings the total investment secured by the company to $300 million. 

Apple on Tuesday released macOS security updates to patch a recently disclosed vulnerability in the Sudo utility.Present in most Unix- and Linux-based operating systems out there, Sudo is a tool that allows users to execute programs with the privileges of another user, which by default is superuser.

SAP has released seven new security notes on February 2021 Security Patch Day, including a Hot News note that addresses a critical flaw in SAP Commerce. It also updated six previously released notes.

Security researcher Alex Birsan discovered a way to breach tens of organizations through software dependencies, and he earned tens of thousands of dollars in bug bounties from Microsoft, Apple and some of the other affected companies.

Messaging apps such as Messenger or WhatsApp and video calls on Zoom face stricter privacy rules in Europe, after a draft law passed a key EU hurdle on Wednesday.

Intel on Tuesday announced the release of updates that patch tens of vulnerabilities across many of the company’s software and hardware products.

Two severe vulnerabilities in the NextGEN Gallery WordPress plugin could have exposed more than 800,000 websites to complete takeover, WordPress security company Defiant reported on Monday.

Antivirus solutions provider Emsisoft revealed last week that a third-party had accessed a publicly exposed database containing technical logs.

A hacker’s botched attempt to poison the water supply of a small Florida city is raising alarms about just how vulnerable the nation’s water systems may be to attacks by more sophisticated intruders. Treatment plants are typically cash-strapped, and lack the cybersecurity depth of the power grid and nuclear plants.

Microsoft's scheduled monthly batch of security patches landed with a loud thud Tuesday with fixes for at least 56 security vulnerabilities in a range of operating system and software products.

Adobe on Tuesday announced the availability of patches for 50 vulnerabilities across six of its products, including a zero-day vulnerability in Reader that has been exploited in the wild.