Latest Cybersecurity News

Schneider Electric, Siemens, CISA, and Phoenix Contact have released January 2025 Patch Tuesday ICS security advisories.

Patch Tuesday: Adobe ships patches for more than a dozen security defects in a wide range of software products.

Patch Tuesday: Microsoft’s January Patch Tuesday rollout includes fixes for 160 security defects, the largest number of CVEs addressed in any single month since at least 2017.

The executive order comes on the heels of the Biden administration’s proposed restrictions on exports of AI chips, an attempt to balance national security concerns about the technology with economic interests of producers and other countries.

Since no technical means have been found to curtail criminal extortion through prevention or attack, the new proposal is to eliminate its profitability.

WEF’s Global Cybersecurity Outlook 2025 report highlights key challenges like the skills gap, third-party risks, and resilience disparities between businesses and private sectors.

BforeAI has raised $10 million in Series B funding, which brings the total raised by the security firm to more than $30 million.

With a security-first culture fully in play, developers will view the protected deployment of AI as a marketable skill, and respond accordingly.

Apparently malicious NPM packages linked to Snyk raised some concerns, but the security firm clarified that it’s part of a research project.

New York identity management startup raises $36 million in an unusually large seed round co-led by Team8 and Intel Capital.

Cyber threat intelligence can inform decisions but is a complex issue. Where it is complete and accurate it is a huge boon.

People on the Move

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

Ekta Singh-Bushell is the first COO of industrial cybersecurity company Dragos.

Cloud attacks exploiting Aviatrix vulnerability

Attackers are exploiting a critical vulnerability in Aviatrix Controller to execute arbitrary code in AWS cloud environments.

Treasury Hacked by China

Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack.

Top Cybersecurity Headlines

A research project into vulnerabilities affecting Microsoft’s PlayReady DRM raises some questions on responsible disclosure.

Google Cloud’s Mandiant has linked the exploitation of CVE-2025-0282, a new Ivanti VPN zero-day, to Chinese cyberspies.

Ivanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line.

Explore trends and technologies that will shape the future of cybersecurity. Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident. (February 26, 2025)

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Cybercrime

Chances are you’ve never heard of Dr. John Snow. But the methods he used more than 150 years ago to solve the mystery of a cholera outbreak in London can be applied today to help you get to the heart of a malware outbreak in your enterprise.

BEIJING - Chinese state media stepped up the war of words Thursday over allegations of sophisticated cyberattacks on US firms, branding the accusations a "commercial stunt" and accusing Washington of ulterior motives.

WASHINGTON - Amid rising concern over alleged cyber crime originating from China, the White House will unveil a new plan Wednesday to help US firms thwart the theft of billions of dollars in trade secrets.

Discussions on making the Internet as secure as possible began alongside the growth of the Internet. And we’re still having those discussions because, as the Internet has evolved, so have the ways of securing it. Every aspect of the Internet calls for a unique means of being secured. As one example, let me address Internet security and domain names.

In a blog post on the company’s war against scams and spam, Google announced on Tuesday that it has worked up a method that is stopping nearly all of the attacks aimed at Gmail account holders. According to the data, only 0.3% of the malicious or potentially unwanted messages are hitting inboxes.

BEIJING - China's defense ministry Wednesday rebuffed a report linking its People's Liberation Army to sophisticated cyberattacks on US firms, saying there was no internationally agreed definition of hacking.

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.
