Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

McInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid.

A hacker has posted online over 760,000 records belonging to employees of Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater.

Hackers have caused close to $1.49 billion in cryptocurrency losses this year, with $71 million worth of assets stolen in November.

Energy sector contractor ENGlobal Corporation has restricted access to some of its systems in response to a ransomware attack.

Cisco has updated an advisory for CVE-2014-2120 to warn customers that the vulnerability has been exploited in the wild. 

AWS has launched Security Incident Response, a new service for quick and efficient security event management.

The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.

Roundup of the forty-nine cybersecurity-related merger and acquisition (M&A) deals announced in November 2024.

A critical-severity vulnerability in open source enterprise network monitoring tool Zabbix could lead to full system compromise.

Alder Hey Children’s Hospital and Wirral University Teaching Hospital have fallen victim to cyberattacks, including one involving ransomware.

Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by the US for ransomware attacks against critical infrastructure.

People on the Move

SSH Communications Security has appointed Pauli Haikonen as the company’s Chief Information Security Officer (CISO).

Cloud and container security firm Sysdig has tapped William Welch as CEO on its path to an IPO.

Dave Scher has been promoted to Deputy Chief Information Officer at MITRE.

Anti-ransomware platform Arms Cyber has named Bob Kruse as its CEO.

Darren Sankbeil has been named Chief Strategy Officer (CSO) at Dragos.

More People On The Move
UEFI vulnerability UEFI vulnerability

The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.

Russian hacker arrested Russian hacker arrested

Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by the US for ransomware attacks against critical infrastructure.

Microsoft patches exploited vulnerability Microsoft patches exploited vulnerability

Microsoft informed customers that vulnerabilities affecting cloud, AI and other services have been patched, including an exploited flaw.

Top Cybersecurity Headlines

The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.

Supply chain management software provider Blue Yonder has been targeted in a ransomware attack that caused significant disruptions for some customers.

Russian cyberspy group APT28 conducted a Nearest Neighbor Attack, where it hacked into the building across the street from the victim for a Wi-Fi attack. 

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack Demonstration to learn how hackers operate and gain knowledge to strengthen your defenses against deepfake and BEC fraud.

Register

Learn how to develop a holistic solution that provides you and your team the power to mitigate cyber threats effectively within your OT environment.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

Huddle with your peers to measure the costs, benefits, and risks of deploying machine learning and predictive AI tools in the enterprise, the threat from adversarial AI and deepfakes, and preparation for the inevitable compliance and regulations. (December 4, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

TOKYO - Yahoo Japan Corp. has said it suspects up to 22 million user IDs may have been stolen during an unauthorised attempt to access the administrative system of its Yahoo! Japan portal.

WASHINGTON - US authorities seized the accounts of a Bitcoin digital currency exchange operator, claiming it was functioning as an "unlicensed money service business," court documents showed Friday.

RIYADH - Several government Internet sites have come under "coordinated and simultaneous" cyber attack, an information security spokesman in the oil-rich kingdom reported on Friday.

ROME - Italian police on Friday arrested four alleged hackers believed to belong to the activist group Anonymous for attacking websites, including those of the Vatican and the parliament in Rome. The four have been placed under house arrest and communications police carried out a dozen raids.

LONDON - The website of Britain's Financial Times appeared to have been hacked on Friday by the Syrian Electronic Army, a mysterious group seemingly aligned with the regime of President Bashar al-Assad.

Trust comes at a price. However, while IT security professionals understand this, they often treat trust as an afterthought. As a result, companies suffer the consequences in unexpected recovery costs and failed business relationships.

Researchers at Zscaler have discovered a fake YouTube page that is hosting malicious Chrome extensions. Such pages, as seen in the past, prey on the uninformed users with poorly patched systems to spread malware.

LONDON - Four members of the LulzSec international hacking group were sentenced to prison terms in Britain on Thursday for masterminding cyber attacks on major global institutions, including Sony Pictures and the CIA.

Network security vendor Palo Alto Networks, today announced that its next generation firewalls have achieved Common Criteria certification at Evaluation Assurance Level 4+ (EAL4+), making Palo Alto Networks firewalls validated for deployment in critical infrastructures, ranging from national governments to enterprise and financial institution networks.

Fixmo, a provider of mobile security and risk management solutions, today launched Fixmo SharePlace, a data leakage prevention (DLP) solution designed to provide secure and compliant remote access to Microsoft SharePoint from iOS and Android devices.

Today’s businesses must be able to rapidly adapt to changing market conditions – to support a new venture, merger/acquisition, etc. As business needs change, so too must the underlying security policies.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

GitHub has launched a $1.25 million fund to be invested in improving the security of 125 open source projects.

Cloud Security

Cloud Security

AWS has launched Security Incident Response, a new service for quick and efficient security event management.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.