SecurityWeek

Several potentially serious vulnerabilities discovered in Fortinet’s FortiWeb web application firewall (WAF) could expose corporate networks to attacks, according to the researcher who found them.

Cybersecurity companies and U.S. intelligence agencies are investigating the possible role played by a product from JetBrains in the recently discovered SolarWinds hack, according to reports.

A newly identified malware attack campaign has been exfiltrating emails from targeted organizations using a JavaScript backdoor injected into a webmail system widely used in Taiwan.  

The Justice Department disclosed on Wednesday that it was among the federal agencies harmed by a massive breach of government networks that U.S. officials have linked to Russia.

Fraud Detection Solutions Must be Easily Integrated Into Security and Fraud Operations

Security researchers have spotted a brand new ransomware family taking aim at corporate networks, warning that professional cybercriminals have already hit multiple organizations with the file-encryption scheme.

Industrial cybersecurity firm Dragos has hired Steve Applegate, former VP and Deputy CISO at PepsiCo, as Chief Information Security Officer (CISO).

Vulnerabilities discovered by Cisco Talos researchers in SoftMaker Office can be exploited for arbitrary code execution by creating malicious documents and tricking victims into opening them.

The U.S. government on Wednesday announced the launch of another bug bounty program conducted in collaboration with hacker-powered cybersecurity platform HackerOne.

A class action lawsuit was filed on behalf of SolarWinds investors this week over the cybersecurity breach suffered by the Texas-based IT management solutions provider.

Singapore has admitted data collected for contact-tracing can be accessed by police despite earlier assurances it would only be used to fight the coronavirus, sparking privacy concerns Tuesday about the scheme.

President Donald Trump has signed an executive order banning transactions with eight Chinese apps including Alipay and WeChat Pay in an escalation of a trade war that has been unfolding through most of his term.

Top national security agencies confirmed Tuesday that Russia was likely responsible for a massive hack of U.S.

The U.S. government has released a plan with a list of top-priority items to mitigate threats and provide security to the crucial maritime sector.

Wanted: Spies from all backgrounds and walks of life.Striving to further diversify its ranks, the CIA launched a new website Monday to find top-tier candidates who will bring a broader range of life experiences to the nation’s premier intelligence agency

Reseachers are raising the alarm for a newly identified operation leveraging a new Remote Access Tool (RAT) written in Golang to steal crypto-currency from unsuspecting users.

Cloud-delivered network security startup iboss on Tuesday announced the closing of a new $145 million financing deal to speed up growth in a lucrative market.

Data security solutions provider Netwrix has merged with Stealthbits, a cybersecurity company focused on protecting sensitive data and credentials. 

Citrix on Monday informed customers that it released firmware updates for its Application Delivery Controller (ADC) and Gateway products to prevent threat actors from abusing the appliances to launch and amplify distributed denial-of-service (DDoS) attacks.

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity.