Latest Cybersecurity News

Atlassian releases security-themed updates to fix several high-severity vulnerabilities in its Bamboo, Confluence and Jira products.

The additional funds will be used to further the development of new tools to counter the expanding threat of AI-generated voice deepfakes.

Furniture manufacturer Bassett Furniture was recently targeted in a ransomware attack that resulted in a shutdown of manufacturing facilities. 

Interpol arrests 300 people in a global crackdown on West African crime groups specializing in online financial fraud.

MNGI Digestive Health tells the Maine AGO that hackers accessed the personal information of 765,000 individuals.

A recently patched Apache HugeGraph-Server vulnerability tracked as CVE-2024-27348 is being targeted in attacks.

Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and the hype and promise of AI and LLM technologies.

Chrome 126 security updates released this week resolve high-severity vulnerabilities reported by external researchers.

Oracle releases 386 new security patches to resolve roughly 240 unique CVEs as part of its July 2024 Critical Patch Update.

Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit.

NATO will establish a new cyber center to better protect against increasingly sophisticated cyber threats.

People on the Move

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

Anirban Sengupta has been named the CTO and SVP of Engineering of cloud networking and security firm Aviatrix.

Axonius has named Nick Degnan as its first Chief Revenue Officer and Rob Casselman as its first Chief Customer Officer.

Craig Boundy has left Experian to join McAfee as President and CEO.

Forcepoint has promoted Ryan Windham from Chief Customer and Strategy Officer to Chief Executive Officer.

Kaspersky software ban

Kaspersky is shutting down operations in the US and laying off employees following the recent Commerce Department ban.

AT&T Data Breach

The massive AT&T breach has been linked to an American hacker living in Turkey and reports say the telecom giant paid a $370,000 ransom.

Top Cybersecurity Headlines

Google’s parent company Alphabet is reportedly in advanced talks to acquire the hotshot Israeli data security startup.

Data breach exposed records of call and text interactions for nearly all AT&T’s wireless customers and has been linked to the recent attacks targeting Snowflake customers.

Few people understand AI, nor how to use nor control it, nor where it is going. Yet politicians wish to regulate it.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs.

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

IBM Report Says Security is a Top Barrier to Adoption in Business Analytics, Mobile, Social Business and Cloud

As business demand for mobile, cloud, social business, and business analytics rises, enterprises have to deal with security concerns and severe IT skill shortages, IBM said in its latest Tech Trends Report.

Shortly after a few Pakistani websites were defaced, the Pakistan Cyber Army (PCA) responded with a massive defacement campaign focusing on China, less than 24 hours after taking out 26 Bangladeshi government domains. As is the case with most defacements from the PCA, or similar groups, the motive is mostly entertainment – unless there is a chance for political propagandizing. According to messages left by the PCA, it would seem that propaganda was the aim this time around.

In February of 2008, two backup tapes containing data maintained by the U.S. Secret Service were left behind on a DC Metrorail. Now, nearly five years after the fact, the Department of Homeland Security's Office of Inspector General (DHS-OIG) is launching an investigation into the incident.

Researchers from Rapid7 and the Shadowserver Foundation discovered something unique last week. While browsing files on USENET, they discovered a botnet that has thousands of endpoints, and was able to operate without detection for months. To make matters worse, the botmaster took to Reddit earlier this year in order to brag about it.

Rapid7 on Friday released Metasploit Pro 4.5, the latest version of its flagship penetration testing and security risk assessment tool. The new release brings capabilities that let organizations simulate social engineering attacks and help understand just how vulnerable they may be to phishing attacks.

When I was a boy growing up in New Jersey, the basement in our older family home would flood several times a year. It was on a concrete slab and usually dried out after a few days, so it was okay. I came home from college one weekend and upon hearing my mom say she was going to carpet the basement, I reminded her of the periodic floods. She looked me in the eye and said, "Dammit Alan, I’m doing...

In what appears to be another case of the FBI taking credit for cracking a case they created, a former sailor is being charged with attempted espionage, after he allegedly tried to deliver naval secrets to the Russian Federation.

LONDON - A British student was on Thursday convicted for his role in a series of cyber-attacks by the hacking group Anonymous that cost the US online payments giant PayPal millions of dollars. Christopher Weatherhead, 22, was found guilty of participating in attacks by Anonymous on PayPal, MasterCard and other companies that refused to process payments to the whistleblowing website WikiLeaks.

Before arriving at Apple this fall, Kristin Paget used to break things at Microsoft. Now, her job will be to help secure Mac OS X for Apple, as the company that was once blasé about security starts to take things seriously. Paget’s LinkedIn profile lists her as working at Apple since September 2012 as a “Core OS Security Researcher”.

RIM is planning to release BlackBerry 10, the latest edition of its mobile operating system, on Jan. 30, and with that release comes an unmentioned security feature – password blocking. RIM hasn’t officially announced the protection settings, but a BlackBerry site in the U.K. discovered a list of 106 passwords that are forbidden on the new mobile OS.

Microsoft is planning to release seven security bulletins to close out the year. Five of the bulletins are rated 'Critical', while the other two are classified as 'Important.' All totaled, the bulletins address 11 vulnerabilities affecting Microsoft Word, Windows, Office, Windows Server and Internet Explorer (IE). The two 'Important' bulletins both address issues in Windows.

As the world races to adopt cloud computing, there is still a nagging challenge for IT security professionals: How can applications and infrastructure be trusted and controlled when organizations have seemingly given up both to their cloud providers? With Forrester Research forecasting public cloud computing to reach $57 billion in 2013 and exploding to over $157 billion by 2020, IT security needs to find an approach that works or risk becoming marginalized.

Application Security

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.
