Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Lehigh Valley Health Network has agreed to pay a $65 million settlement in a class-action suit filed over a 2023 data breach.

Ireland’s Data Protection Commission said it has opened an inquiry into Google’s Pathways Language Model 2, also known as PaLM2.

“It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion.”

SplxAI has raised $2 million in pre-seed funding to help organizations identify vulnerabilities in AI chat applications.

The Tel Aviv company attracts $15 million in a Series A investment to build an AI-powered compliance and risk management platform.

Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.

Five reasons why “Ambulance Chasing” and mocking harm the security profession and are never a good idea.

Noise generated by the pixels on a screen can be leveraged to exfiltrate data from air-gapped computers in what is called a PIXHELL attack.

Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library.

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control.

Golf course management company KemperSports has disclosed a cyberattack and data breach impacting over 62,000 individuals. 

People on the Move

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

Exabeam has appointed Kish Dill as Chief Customer Success Officer.

Cloud networking firm Aviatrix has named John Qian as CISO.

CrowdStrike has appointed Kartik Shahani as vice president of India and SAARC.

More People On The Move
Intel CPU attack Intel CPU attack

Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.

Windows Downgrade Attack Windows Downgrade Attack

Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.

AI Convention AI Convention

Signed on September 5, 2024, the AI Convention is a laudable intent but suffers from the usual exclusions and exemptions necessary to satisfy multiple nations.

Top Cybersecurity Headlines

An academic researcher has devised a new method of exfiltrating data from air-gapped systems using radio signals from memory buses.

Kaspersky’s customers in the US are being acquired by cybersecurity firm Pango and will be offered UltraAV antimalware software.

Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from cybersecurity experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

With the myriad of smartphone, tablets, applications and network security devices -- along with the growing use of virtualization and cloud services -- all presenting an increasing volume of management and security concerns, network and security complexity remains a major challenge.

Mexico City - Hackers claimed a cyber attack on the Mexican defense ministry website on Wednesday, posting a manifesto from the Zapatista rebel group for two hours. The name of the group "Anonymous Mexico" was visible on the website in front of a black background, with phrases from the manifesto of the Zapatista National Liberation Army (EZLN).

In a blog post examining cases from 2012, Verizon Business’ Andrew Valentine presented a tale of a critical infrastructure firm in the U.S. who called them into investigate suspicious VPN connections to China. As it turns out, this was no complex hack, just a lazy developer – or a smart one depending on how you view things.

Zettaset, a Mountain View, California-based provider of Big Data management and security solutions, announced on Wednesday that it has closed a $10 million Series B round of venture funding. The new cash will be used to expand research and development and sales and marketing in order meet increasing demand from enterprise customers, the company said.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...