Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Report finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.

Noteworthy stories that might have slipped under the radar: students dox people with Meta’s Ray-Ban smart glasses, OT hunting guide for water systems, NVD backlog still significant. 

Google Cloud makes new confidential computing options generally available and expands attestation support.

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

Roundup of the 37 cybersecurity-related merger and acquisition (M&A) deals announced in September 2024.

Pixel 9 comes with improved security hardening mitigations against common exploits on cellular basebands.

Russian authorities have arrested 96 individuals suspected of having ties to US-disrupted UAPS and Cryptex cryptocurrency exchanges.

According to a barebones Apple advisory, the new iOS 18.0.1 fixes two bugs that expose passwords and audio snippets to malicious hackers.

The coordinated action resulted in the seizure of more than 100 domains used for spear-phishing targets in the US, UK, and Europe.

CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.

The hack of a police system that exposed contact details of all Dutch police officers was almost certainly carried out by hackers working for a foreign government, the justice minister said.

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

Mario Duarte, formerly head of security at Snowflake, has joined Aembit as CISO.

Kevin Mandia has joined Expel’s board of directors and has been named chair of the board at SpecterOps.

More People On The Move
Fall of IronNet Fall of IronNet

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

CISOs Salaries CISOs Salaries

CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.

Rackspace Breach Rackspace Breach

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.

Top Cybersecurity Headlines

Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps. 

Previously seized LockBit websites have been used to announce more arrests, charges and infrastructure disruptions.

That dream of a decentralized privacy-retaining identity system able to combat AI-driven bots and deepfakes may not be as elusive as feared – courtesy of Tools for Humanity (TfH) and Worldcoin.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

The hacker alleged to be behind the Georbot attack against the country of Georgia has been caught on camera, the nation’s CERT has said. The eventual outing of the accused botmaster was the result of Georgia CERT’s work, where they used his own malware against him.

A dizzying array of services and products are available to people interested in embarking on the cyber-crime lifestyle. The offerings cover the entire criminal enterprise from getting started, distribution, and monetizing attacks, and aren't all that expensive, according to an analysis of the underground market by Trend Micro.

WASHINGTON - US telecom networks took a hit from superstorm Sandy, which knocked out some emergency call centers in the northeast, the Federal Communications Commission said Tuesday. FCC chairman Julius Genachowski told reporters that a "very small number" of emergency call centers were knocked out in the storm, causing urgent 911 calls to be rerouted, in some cases without the normal location identifiers.

Secunia, a Copenhagen, Denmark-based provider of vulnerability management solutions, has updated its vulnerability management platform to proactively alert organizations of software vulnerabilities so they can hopefully be addressed before infrastructure is compromised.

Storage giant EMC today said that it has signed a definitive agreement to acquire privately held Silver Tail Systems, a provider of web session intelligence and behavioral analytics for fraud and cybercrime detection.

Security firm Imperva has published its hacker intelligence report for October, which is the company’s second report focusing on the activity of one of the Web’s largest hacking forums. In addition to training resources, such as tutorials and scripts, Imperva also detected a market for social networking fraud. “By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, Imperva’s CTO.

A recent study by AT&T and the Polytechnic Institute of New York University (NYU-Poly) has discovered that while a majority of small businesses allow the use of mobile devices (phones and tablets), very few of them are taking any proactive measures when it comes to device security.

A new report from Trend Micro highlights how network traffic can be used to detect advanced persistent threats (APTs) through the correlation of threat intelligence.

According to The Hill, a blog reporting on Congressional activities, the cybersecurity bill that has had a rocky life in Washington is now likely dead. Both sides of the political spectrum are showing little interest in working out the issues.

On Friday, Mozilla issued another security fix for issues discovered after the release of Firefox 16.0.1, which if exploited, would allow Cross-Site Scripting (XSS) or code execution. The latest release is available now in the update channel and for direct download. Friday’s release marks the third time this month that security issues needed to be addressed. It’s also the 14th critical fix released for version 16.

WASHINGTON - It is expected to be the mother of all cyber diplomatic battles. When delegates gather in Dubai in December for an obscure UN agency meeting, fighting is expected to be intense over proposals to rewrite global telecom rules to effectively give the United Nations control over the Internet.

WatchGuard Technologies, a Seattle, Washington-based IT security solutions vendor, said early this week that its UTM security appliances will soon be able to configure themselves, thanks to “RapidDeploy”, a new cloud-based configuration utility.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

ICS/OT

ICS/OT

Report finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.