SecurityWeek

Latest Cybersecurity News

Google’s parent company Alphabet is reportedly in advanced talks to acquire the hotshot Israeli data security startup.

Noteworthy stories that might have slipped under the radar: Apple’s spyware warning, CDK Global’s ransom payment, Platinum giant Sibanye hit by cyberattack.

Successful exploitation could allow attackers to deliver executable attachments to inboxes.

Advance Auto Parts says the personal information of 2.3 million was compromised after hackers accessed its Snowflake account.

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.

Data breach exposed records of call and text interactions for nearly all AT&T’s wireless customers and has been linked to the recent attacks targeting Snowflake customers.

Akira and EstateRansomware cybercrime gangs have been exploiting a year-old Veeam Backup & Replication vulnerability in recent attacks.

London startup Tracebit has raised $5 million in seed funding for its cloud-native threat detection and deception solution.

A threat actor tracked as CrystalRay has hit 1,500 victims since February, stealing credentials and deploying backdoors.

GitLab issues an advisory for a critical-severity vulnerability that allows an attacker to trigger a pipeline as another user.

In response to recent intrusions, CISA and the FBI are urging businesses and device manufacturers to eliminate OS command injection vulnerabilities at the source.

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as its new CRO.

Identity orchestration provider Strata Identity has appointed Aldo Pietropaolo as Field CTO.

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

Outpost24 has appointed Ido Erlichman as its new Chief Executive Officer.

Managed security platform Deepwatch has named John DiLullo as Chief Executive Officer.

AT&T Data Breach

Data breach exposed records of call and text interactions for nearly all AT&T’s wireless customers and has been linked to the recent attacks targeting Snowflake customers.

AI Regulation Challenges

Few people understand AI, how to use or control it, or where it is going. Yet politicians wish to regulate it.

BlastRADIUS

Security vendor InkBridge Networks calls urgent attention to the discovery of a decades-old design flaw (CVE-2024-3596) in the popular RADIUS protocol.

Top Cybersecurity Headlines

Seven nations are backing Australia in calling out a China-linked hacking group for compromising government networks.

On the eve of NATO’s 75th anniversary summit in Washington DC, Mandiant outlines the current state of cyberthreats facing NATO and aligned countries.

The Supreme Court’s striking down of the Chevron Doctrine will have a major effect on the determination and enforcement of cyber regulation in the US.

On Friday, the PCI Security Standards Council published a set of guidelines for organizations looking to get a handle on risk assessment and threat identification. Specifically, the guidelines relate to section 12.1.2 of the standard, and are drafted to act as a supplement to help businesses discover vulnerabilities and other threats to payment card data.

The Greatest Problem With the Perception of Cyberwar is That it is a Separate Thing to Conventional Warfare. That is Just the Novelty Factor.

TBILISI - Georgia has detained 11 senior police and Tbilisi's deputy mayor for alleged cyber spying on opposition leaders, in the latest arrest of officials who served under President Mikheil Saakashvili, prosecutors said Friday. The officials are accused of using malware to access computers of political parties opposed to Saakashvili, whose long dominant party was defeated in the October parliamentary elections by a coalition led by billionaire Bidzina Ivanishvili.

JERUSALEM - Israel admitted Sunday it has been targeted in a mass cyber-warfare campaign that has witnessed millions of attempts to hack state websites since the start of its Gaza offensive four days ago. Finance Minister Yuval Steinitz told reporters the government had been forced to wage war on "a second front" -- of cyber attacks against Israel.

LockPath, an Overland Park, Kansas-based provider of governance, risk management and compliance (GRC) solutions, this week launched version 3.0 of its Keylight platform, an update that brings improved reporting features and new content integration capabilities, as well as advanced assessment tools.

The Xtreme RAT malware, which has been at the center of several reports of cyber attacks on Israel, has expanded, researchers have discovered. This news follows a recent report from Norman ASA, who reported that the attack campaign has been going on now for more than a year.

Romania-based anti-virus firm BitDefender conducted a controlled test on Windows 8, in order to determine how strong the basic defenses were, and attempted to infect the new OS with some of the most common malware on the Web. When all was said and done, Redmond’s latest creation was found to be just as vulnerable to common malware as Windows 7, despite the compensating controls being pitched by the company.

Researchers from the Georgia Tech Information Security Center (GTISC) and the Georgia Tech Research Institute (GTRI) released their 2013 cyber-threat forecast on Wednesday. The report examines what they think will be the most serious issues online in the next twelve months. The face of cybersecurity has changed over the last year, the report says, as attackers have aligned with national agendas, and taken aim at businesses and governments alike.

WASHINGTON - A US commission on Wednesday urged lawmakers to consider tighter rules on investment by Chinese state-owned firms, warning that they may pose economic as well as security risks. In an annual report to Congress, the US-China Economic and Security Review Commission also called for efforts to bring China into arms reduction talks due to Beijing's growing expenditure on opaque weapons programs.

Application Security

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.