Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

Multi-factor authentication is a necessary safeguard, but its limitations show why organizations can’t rely on it alone to prevent breaches.

Researchers find Smart TVs from Samsung and LG use a Shazam-like tracker to monitor what you watch. Opting out is complex and time-consuming.

The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands.

MITRE’s AI Incident Sharing initiative helps organizations receive and hand out data on real-world AI incidents.

With 75+ sessions, the conference brings together hundreds of delegates to explore cutting-edge strategies and solutions to fortify OT environments and enhance resilience.

Universal Music Group is informing hundreds of individuals about a recent data breach impacting personal information. 

Okta has resolved a vulnerability that could have allowed attackers to bypass sign-on policies and gain access to applications.

Comcast says over 230,000 customers were affected by a data breach at Financial Business and Consumer Solutions.

The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.

Report finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.

People on the Move

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

Mario Duarte, formerly head of security at Snowflake, has joined Aembit as CISO.

More People On The Move
American Water Hacked American Water Hacked

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

Linux vulnerability Linux vulnerability

The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands.

China hacks Verizon and AT&T China hacks Verizon and AT&T

The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.

Top Cybersecurity Headlines

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

With millions of dollars on the line, Google took the smart money this week and patched Chrome ahead of today’s Pwn2Own and Pwnium competitions at the CanSecWest conference taking place this week in Vancouver.

Researchers from Kaspersky Lab have discovered “AlbaBotnet”, an emerging botnet that appears to be gearing up to inflict financial damage on accounts at banks in Chili.According to Kaspersky researchers, AlbaBotnet focuses on utilizing targeted phishing attacks designed to steal online accounts details, currently at two major Chilean banks.

A vulnerability patched in February by Oracle has been added to the Blackhole Exploit Kit, researchers have discovered. This wouldn’t normally be a headline event in and of itself, but most people seem to ignore Java once installed, and are vulnerable to dozens of attacks thinks to kits like this and the number of issues in the Java codebase.

For the third time in less than a month, organizations and home users who are still using Java, for whatever reason that may be, now need to apply yet another update. This latest patch, released Monday, addresses a bug that was first reported more than a month ago.

A few months ago, I wrote a column expressing my deep concern over the lack of progress in the debate about domain name registration data (a/k/a the WHOIS). The debate aims to reach collective understanding and agreement regarding the purpose of that data and, specifically, who should have access to it and how.

PRAGUE - Hackers attacked several top Czech news websites on Monday, overloading them with hundreds of thousands of requests per second to make them inaccessible, publishers said. "News servers have been facing a massive DDoS (Distributed Denial of Service) attack since 8:30 am (0730 GMT)," iDNES.cz, the website of the top-selling Czech broadsheet DNES, said on its Facebook profile.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.