Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Intel Corp. co-founder Gordon Moore, who the breakneck pace of progress in the digital age with a simple 1965 prediction of how quickly engineers would boost the capacity of computer chips, has died. He was 94.

Dope.security raised $16 million in Series A funding for its fly-direct Secure Web Gateway (SWG).

The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers.

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing at the annual Pwn2Own contest.

The U.S. government’s cybersecurity agency ships a new tool to help network defenders hunt for signs of compromise in Microsoft’s Azure and M365 cloud deployments.

A critical-severity flaw in the WooCommerce Payments WordPress plugin could allow attackers to take over site administrator accounts.

Proof-of-concept code to exploit a just-patched security hole in the Veeam Backup & Replication product has been published online.

CISA has sent notifications to more than 60 organizations as part of a new initiative to alert entities of early-stage ransomware attacks.

Join us for the virtual experience as we bring together security experts to discuss the complex nature of the supply chain problem, best practices for mitigating security issues.

A nearly six-hour grilling of TikTok’s CEO by lawmakers brought the platform’s 150 million U.S. users no closer to an answer as to whether the app will be wiped from their devices.

New CISA and NSA guidance includes recommended best practices for identity and access management (IAM) administrators.

On March 15, 2023, the SEC announced a proposal for new cybersecurity requirements for covered entities.

Intel’s newest vPro platform brings threat prevention features with dozens of security capabilities built into the silicon.

Tesla hacked at Pwn2wn Tesla hacked at Pwn2wn

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing at the annual Pwn2Own contest.

Intel vPro security Intel vPro security

Intel’s newest vPro platform brings threat prevention features with dozens of security capabilities built into the silicon.

Burnout in cybersecurity Burnout in cybersecurity

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Top Cybersecurity Headlines

Intel Corp. co-founder Gordon Moore, who the breakneck pace of progress in the digital age with a simple 1965 prediction of how quickly engineers…

Dope.security raised $16 million in Series A funding for its fly-direct Secure Web Gateway (SWG).

The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers.

Researchers at offensive hacking shop Synacktiv demonstrated successful exploit chains and were able to “fully compromise” Tesla’s newest electric car and take top billing…

SecurityWeek Industry Experts

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents. (Sponsored by: Immersive Labs)

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems. (Sponsored by: Saviynt)

Register

Upcoming Virtual Events

Attack Surface Management Summit

As network defenders adopt Attack Surface Management tools to continuously monitor for signs of weaknesses, this event will share best practices and actionable information to reduce risk from exposed attack surfaces.

Learn More
Ransomware Resilience & Recovery Summit

This event will separate hype from reality. SecurityWeek’s Ransomware Resilience and Recovery Summit will help cybersecurity teams to plan, prepare, and recover from ransomware incidents that continue to impose major costs businesses.

Learn More
Supply Chain Security Summit

The surge in software supply chain attacks has sent defenders scrambling to find mitigations and solutions. This event will address the complex nature of the problem, best practices for mitigating security issues, and tools and frameworks available.

Learn More
Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More

Vulnerabilities

Cybercrime

One third of small-to-medium-sized businesses (SMBs) experienced a malware or virus infection via social networks through July of this year, and 23 percent actually lost sensitive data via these networks, according to Panda Security’s first annual Social Media Risk Index.

McAfee today announced the discoveries in its 2010 “Digital Music & Movies Report: The True Cost of Free Entertainment” revealing a growing number of cyber threats associated with the popularity of online music and videos. McAfee researchers found that adding the word “free” to searches increases the risk of landing on a malicious site.

HP Acquires ArcSight for $1.5 Billion - $43.50 Per Share in CashHP (NYSE:HPQ) and ArcSight Inc. (Nasdaq:ARST) made an official announcement Monday morning that HP would acquire ArcSight for $43.50 per share in cash, valuing the company at $1.5 billion. ArcSight shares closed Friday at $35.10 giving ArcSight a market cap of $1.21 Billion.

In a recent investigation, it was discovered that cybercriminals are creating 57,000 new “fake” websites each week looking to imitate and exploit approximately 375 high-profile brands. eBay and Western Union were the most targeted brands, making up 44 percent of exploited brands discovered. Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals.Banks comprise the majority of fake websites by far with 65 percent of the total. Online stores and auction sites came in at 27 percent, with...

Secure electronic payment solutions provider VeriFone Systems, Inc. (NYSE: PAY), announced Wednesday that had acquired Semtek, an endpoint encryption solution company. The transaction is an all stock transaction in which Semtek shareholders will receive VeriFone common shares valuing the company at $18 million.

Cybercrime - Staring into the Eye of the BeastI have a problem. Actually, we all have a problem. You see, our life is gooood. Digitally, at least. We’re on the technology speed train, addicted, going full throttle without any desire to slow down. On the contrary, we strive to shift gears to quicken technology’s advancement. We can’t see our lives differently now and we’re expecting things to just get better. But here’s the problem – the bad-guys know this too.

The Norton Cybercrime Report: The Human Impact - Report Gauges Emotional Impact of Cybercrime, Shows 65% of Internet Users a Victim of CybercrimeCybercrime is real, it’s big, and it’s affecting a huge portion of the global Internet population.

Pareto Networks announced Daniel "Dan" Ryan, former executive vice president and general manager of McAfee's (MFE) network security business unit, will serve as CEO of the Cloud-based networking company.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Backslash Security banks seed-stage capital to build new technology to identify and mitigate “toxic code flows” in cloud-native applications.

Cloud Security

Cloud Security

The U.S. government’s cybersecurity agency ships a new tool to help network defenders hunt for signs of compromise in Microsoft’s Azure and M365 cloud...