Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Generative-AI security startup SydeLabs emerges from stealth mode with $2.5 million in seed funding led by RTP Global.

Noteworthy stories that might have slipped under the radar: US government conducting airline privacy review, SEC’s overreaching SolarWinds hack probe, MFA bombing of Apple users.

US Defense Department releases defense industrial base cybersecurity strategy with a focus on four key goals.

It is the CISO’s responsibility to build and maintain a high functioning team in a difficult environment – cybersecurity is a complex, continuous, and adversarial environment like none other outside of military conflict.

The US Department of Energy announces $15 million funding for university-based electric power cybersecurity centers.

Harvard Pilgrim Health Care says the personal information of over 2.8 million individuals was stolen in a year-old ransomware attack.

JetBrains patches 26 security issues in TeamCity and takes steps to avoid malicious exploitation of vulnerabilities.

U.S. federal agencies must show that their artificial intelligence tools aren’t harming the public, or stop using them, under new rules unveiled by the White House on Thursday. “When government agencies use AI tools, we will now require them to verify that those tools do not endanger the rights and safety of the American people,” […]

Maintainers of the Python Package Index (PyPI) repository were forced to suspend new project creation and new user registration to mitigate a malware upload campaign.

Splunk patches high-severity vulnerabilities in Enterprise, including an authentication token exposure issue.

A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach.

Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India.

Coro has raised $100 million in Series D funding for its enterprise-grade platform tailored for the small- and mid-sized market.

Cisco has released patches for multiple IOS and IOS XE software vulnerabilities leading to denial-of-service (DoS).

Zafran has emerged from stealth mode with a risk and mitigation platform and $30 million in funding from Sequoia Capital and Cyberstarts.

he Complexity and Need to Manage Mental Well-Being in the Security Team he Complexity and Need to Manage Mental Well-Being in the Security Team

It is the CISO’s responsibility to build and maintain a high functioning team in a difficult environment – cybersecurity is a complex, continuous, and adversarial environment like none other outside of military conflict.

Threat Intelligence Report Threat Intelligence Report

In just the first two months of 2024, threat intelligence firm Flashpoint has logged dramatic increases in all major threat indicators.

AI vulnerability exploitation AI vulnerability exploitation

Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters.

Top Cybersecurity Headlines

Generative-AI security startup SydeLabs emerges from stealth mode with $2.5 million in seed funding led by RTP Global.

Noteworthy stories that might have slipped under the radar: US government conducting airline privacy review, SEC’s overreaching SolarWinds hack probe, MFA bombing of Apple…

US Defense Department releases defense industrial base cybersecurity strategy with a focus on four key goals.

It is the CISO’s responsibility to build and maintain a high functioning team in a difficult environment – cybersecurity is a complex, continuous, and…

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

Oracle unveiled Oracle Identity Management 11g Release 2 today, the latest version in its Identity Management platform. With Oracle Identity Management 11g, organizations can securely make the shift to cloud computing and rolling out mobile and social infrastructures, Oracle said. With so many applications living on mobile devices and in the cloud, it's important these applications get the same kind of management and security tools as the on-premise systems do.

By Including The Counterattack in IT Security Strategy Planning, Security Teams Can Quickly Change The Dynamics of a Cyber Attack...Any competent military commander knows that when put in a defensive position, defense forces are never be able to withstand long and sustained offensive attacks. The assumption that the front line of defense will eventually be breached is also true in the realm of the information security battle of defense.

What Should Financial Services Firms Look for to Ensure a Security Technology Can Address Their Needs?Perhaps no industry has a greater need for network and data security than the financial services industry. Widely considered to be ‘critical infrastructure,’ not only are banking and financial market networks handling the life savings of individuals, but the lifeblood of the global economy.

Two USB drives containing personal information on 2.4 million voters residing in districts within the Waterloo region of Southern Ontario, Canada were lost three months ago, according to recent disclosures from the agency who oversees general elections in Canada. Offering an explanation as to why Elections Ontario waited so long to release word of the breach, Greg Essensa, their chief electoral officer, said, “I did not want to make an irresponsible public notification or worry Ontarians needlessly.”

Cloud storage provider Dropbox, has taken on outside help in order to investigate a potential breach, which is being blamed as the reason for a sudden spike in spam directed at the service’s users.On Wednesday, users who said that they used unique email addresses when associating with Dropbox were seeing a massive flux in spam.InBoxes targeted by the spammer are seeing advertisements for EU Dice, Euro Gaming Palace, Premier Players Club, Vegas Virtual, SP Casino, and Best2day Support, and this...

ITWallStreet.com, a job board for IT talent looking to work in the financial district, was hacked on Wednesday – leaving some 50,000 users exposed. The attacker, going by Masakaki and claiming roots with TeamGhostShell, said the breach was part of a larger effort that focuses on financial institutions.ITWallStreet.com allows users to “discreetly connect with Wall Street’s IT career community.”

The Department of Homeland Security, through its Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), issued a warning last Friday about security vulnerabilities in the Tridium Niagara AX Framework, a popular software platform that integrates various control systems and devices and allows them to be managed over the Internet.The scary part? The security flaws were reported months ago, and permanent a fix has not yet been created.

Zero-day disclosures, new tools and exploits abound in this year's Black Hat conference in Las Vegas. Next week, the Caesar's Palace hotel in Las Vegas will host the 15th annual gathering of the minds in the world of security known as Black Hat USA.

Armed with an extra $22.4 million in its pocket following a Series C financing round announced just over a week ago, AlienVault, the San Mateo, California-based company behind open source SIEM, OSSIM, and the AlienVault Open Threat Exchange, today announced the latest version of its suite of security management products.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

BlueFlag Security emerges from stealth mode with $11.5 million in a seed funding round led by Maverick Ventures and Ten Eleven Ventures.

Cloud Security

Cloud Security

Please the fireside chat as Phil Bues, Cloud Research Manager at IDC, discusses the challenges and best practices for cybersecurity leaders managing cloud identities.