Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline on Dec. 1, 2022, federal officials said

The Pentagon said a Chinese spy balloon was over the central United States, and that the U.S. rejected China’s claims that it was not being used for surveillance.

Former Ubiquiti employee Nickolas Sharp has admitted in court to abusing company-provided credentials to steal data and then attempting to extort Ubiquiti.

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

A critical authentication vulnerability in Jira Service Management Server and Data Center allows attackers to impersonate users.

VMware patches CVE-2023-20854, a vulnerability that can be exploited by a malicious hacker to delete arbitrary files.

Critical Oracle E-Business Suite vulnerability exploited in attacks shortly after PoC is published.

The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.

GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet

Google announces an expansion of its OSS-Fuzz rewards program to help find software vulnerabilities before they are exploited.

US Shoots Down Chinese Spy Balloon US Shoots Down Chinese Spy Balloon

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

Venture Funding for Cybersecurity Venture Funding for Cybersecurity

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Top Cybersecurity Headlines

Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam.

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline on Dec. 1, 2022, federal officials said

SecurityWeek Industry Experts



Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Upcoming Virtual Events

Attack Surface Management Summit

As network defenders adopt Attack Surface Management tools to continuously monitor for signs of weaknesses, this event will share best practices and actionable information to reduce risk from exposed attack surfaces.

Learn More
Ransomware Resilience & Recovery Summit

This event will separate hype from reality. SecurityWeek’s Ransomware Resilience and Recovery Summit will help cybersecurity teams to plan, prepare, and recover from ransomware incidents that continue to impose major costs businesses.

Learn More
Supply Chain Security Summit

The surge in software supply chain attacks has sent defenders scrambling to find mitigations and solutions. This event will address the complex nature of the problem, best practices for mitigating security issues, and tools and frameworks available.

Learn More
Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More

Vulnerabilities

Cybercrime

The Recovery Accountability and Transparency Board announced today that Recovery.gov has moved to a cloud computing infrastructure, a technology that will allow for more efficient computer operations, improved security and reduced costs.

Log Management and Security Event Management solution provider, LogLogic, today announced that it is cutting the price of its Security Event Management (SEM) products by more than 50% in order to make SEM technology more accessible to companies of all sizes.“Vendors seem to be hiding all sorts of costs as add-ons, feature upgrades, and installation services,” said Guy Churchward, CEO of LogLogic. “LogLogic is committed to offering a complete product at a transparent price, with zero compromise on the core...

AT&T (NYSE:T) today announced an update to its Secure E-mail Gateway Service through a partnership with McAfee. The new service, delivered as a "Security as a Service" (SaaS) solution, integrates McAfee's e-mail protection technology and global threat intelligence with AT&T's network gateway nodes to deliver enhanced SaaS capabilities for customers throughout the world.

AT&T, working with local officials and business leaders, is conducting a full-scale disaster recovery simulation - a Network Disaster Recovery Exercise - in the Metro Detroit area from May 6 to May 14 near The Dearborn Inn.Last week, a fleet of 22 semi-tractor trailers was brought into Dearborn, loaded with networking equipment for creating a temporary central network office. A team of more than 60 permanent and volunteer NDR team members assembled and turned up the central network office, first...

Twitter is being flooded with reports of DNS outages in Germany, Austria and some other European countries. Many users are reporting ".de" domains not resolving and that several root servers are failing.Update 9:24AM EST: The issue seems to be limited to .de domain names due to an outage of .de zone TLD servers. The problem appears to be in a configuration or database issue as some domains are working and some are not. For example, as of now, facebook.de works...

A survey of 353 network administrators entitled “What Keeps Network Administrators Up At Night,” asked the administrators to rank their top three priorities, with the results showing that 25% ranked "securing remote access" as being their top priority, while 15% said "keeping viruses definitions up to date" was a top priority.

On October 21, 2002, the Internet’s core root server system as a whole came under a significant attack. A coordinated distributed denial-of-service attack aimed to knock the 13 domain name system root servers – the closest thing the Internet has to a single point of failure – offline. Had it succeeded, electronic communications would have eventually frozen up and e-commerce would have slowly ground to a halt. The economic consequences could have been dire.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cloud Security

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

ICS/OT

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...