Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The growing collaboration between authoritarian governments and criminal hackers has alarmed national security officials and cybersecurity experts.

New threat report shows that the potential for disruption to November’s Election Day is severe, and the threat is real.

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.

Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.

CISOs from Box and Smartsheet discuss the route toward, the role within, and the future of being a successful CISO.

Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.

Door access controllers remain vulnerable to remote hacker attacks for extended periods of time, a researcher has found.

Automattic has rolled out updates for 101 Jetpack versions released over the past eight years to resolve a critical vulnerability.

Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks.

Intel and AMD respond to new attack methods named TDXDown and CounterSEVeillance that can be used against TDX and SEV technology.

With all sessions now available on demand, the online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move
Trusted execution environment (TEE) vulnerabilities Trusted execution environment (TEE) vulnerabilities

Intel and AMD respond to new attack methods named TDXDown and CounterSEVeillance that can be used against TDX and SEV technology.

Iran cyberattacks Iran cyberattacks

The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region.

Fidelity Data Breach Fidelity Data Breach

Fidelity Investments is notifying 77,000 individuals that their personal information was compromised in a data breach.

Top Cybersecurity Headlines

OpenAI has disrupted 20 cyber and influence operations this year, including the activities of Iranian and Chinese state-sponsored hackers.

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

BEIJING - Professional social networking websites such as LinkedIn trying to tap into China's vast business world are finding a formidable domestic foe -- the ingrained system of personal connections known as "guanxi".

WASHINGTON - Taiwan-based electronics maker HTC settled charges with US regulators that it failed to provide adequate security for smartphones and tablet computers sold to Americans, officials said Friday.

SAN FRANCISCO - Microsoft joined Facebook and Apple on Friday on the list of US technology titans targeted in recent cyberattacks.

For a brief time on Thursday, NBC.com, as well as other brand-related domains, were hijacked and used to deliver malware to visitors. The broadcasting corporation is still working to determine how the compromise occurred and how long the malicious code existed on their Web-based properties.

Over the years, I have heard variations of the thought that is roughly: “I don’t have to secure these systems because they will be reset tomorrow”. I used to hear this from kiosk vendors and libraries, but I now hear it from organizations that are rolling-out Virtual Desktop Infrastructure (VDI) and public cloud initiatives.

BEIJING - China's full-throated denials of hacking and counter-accusations of its own do nothing to allay growing concern over large-scale cyberspying alleged in a bombshell report this week, Western analysts said.

Earlier this week, Mac security firm Intego discovered a new type of malware for Mac OS X, which will pose a bit of a problem when it comes to protection, given its use of Open SSH. Yet, while there is speculation, the methods used to propagate the malicious code remains unknown.

LONDON - A Pakistani student failed Thursday in a High Court bid to avoid extradition from Britain to the United States on computer hacking allegations stemming from an FBI "sting". Usman Ahzaz, 24, came to Britain to study for a degree in information systems and computing.

Chances are you’ve never heard of Dr. John Snow. But the methods he used more than 150 years ago to solve the mystery of a cholera outbreak in London can be applied today to help you get to the heart of a malware outbreak in your enterprise.

BEIJING - Chinese state media stepped up the war of words Thursday over allegations of sophisticated cyberattacks on US firms, branding the accusations a "commercial stunt" and accusing Washington of ulterior motives.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.