Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline on Dec. 1, 2022, federal officials said

The Pentagon said a Chinese spy balloon was over the central United States, and that the U.S. rejected China’s claims that it was not being used for surveillance.

Former Ubiquiti employee Nickolas Sharp has admitted in court to abusing company-provided credentials to steal data and then attempting to extort Ubiquiti.

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

A critical authentication vulnerability in Jira Service Management Server and Data Center allows attackers to impersonate users.

VMware patches CVE-2023-20854, a vulnerability that can be exploited by a malicious hacker to delete arbitrary files.

Critical Oracle E-Business Suite vulnerability exploited in attacks shortly after PoC is published.

The U.S. is tracking a suspected Chinese spy balloon spotted over U.S. airspace, officials said on Feb. 2, 2023.

GoAnywhere MFT users warned about a zero-day remote code injection exploit that can be targeted directly from the internet

Google announces an expansion of its OSS-Fuzz rewards program to help find software vulnerabilities before they are exploited.

A high-severity format string vulnerability in F5 BIG-IP can be exploited to cause a DoS condition and potentially execute arbitrary code.

US Shoots Down Chinese Spy Balloon US Shoots Down Chinese Spy Balloon

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

Venture Funding for Cybersecurity Venture Funding for Cybersecurity

SecurityWeek investigates how political/economic conditions will affect venture capital funding for cybersecurity firms during 2023.

Top Cybersecurity Headlines

U.S. fighter jets successfully shot down the high altitude spy balloon launched by and belonging to China.

After French satirical magazine Charlie Hebdo’s launched a cartoon contest to mock Iran, an Iranian cyber retaliated in January.

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline on Dec. 1, 2022, federal officials said

The Pentagon said a Chinese spy balloon was over the central United States, and that the U.S. rejected China’s claims that it was not…

SecurityWeek Industry Experts



Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Upcoming Virtual Events

Attack Surface Management Summit

As network defenders adopt Attack Surface Management tools to continuously monitor for signs of weaknesses, this event will share best practices and actionable information to reduce risk from exposed attack surfaces.

Learn More
Ransomware Resilience & Recovery Summit

This event will separate hype from reality. SecurityWeek’s Ransomware Resilience and Recovery Summit will help cybersecurity teams to plan, prepare, and recover from ransomware incidents that continue to impose major costs businesses.

Learn More
Supply Chain Security Summit

The surge in software supply chain attacks has sent defenders scrambling to find mitigations and solutions. This event will address the complex nature of the problem, best practices for mitigating security issues, and tools and frameworks available.

Learn More
Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More

Vulnerabilities

Cybercrime

On demand IT security risk and compliance solutions provider, Qualys, and RSA, The Security Division of EMC (NYSE: EMC), have expanded their technology partnership to make QualysGuard vulnerability management and IT policy compliance data available to RSA’s client base.

Top 10 Malware Threats for AprilSunbelt Software has announced the top 10 most prevalent malware threats for the month of April 2010. With nine of ten detections from March still on the list for April, it shows continued prevalence of Trojan horse programs circulating on the Internet. A new loader for a rogue security product making it into the top 10.

IT security and data protection firm Sophos announced that it has reached an agreement to sell a majority interest in the company to private equity group Apax Partners. The transaction will value the company at $830 million. Following the transaction, the founders of Sophos will retain a significant minority shareholding.

SecurityWeek staff has confirmed that portable storage, authentication, and trusted virtual computing solutions provider, IronKey, has raised $22 million in venture capital funding.

Managed information security services provider, SecureWorks, Inc., announced today the hire of Colonel Barry R. Hensley, former Director of the Army's Global Network Operations and Security Center. Hensley will be joining as Vice President of SecureWorks' Counter Threat Unit.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cloud Security

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

ICS/OT

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...