Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Ireland’s Data Protection Commission said it has opened an inquiry into Google’s Pathways Language Model 2, also known as PaLM2.

“It’s critical to not only back up your critical workloads, but also to secure those backups against subsequent modification and deletion.”

SplxAI has raised $2 million in pre-seed funding to help organizations identify vulnerabilities in AI chat applications.

The Tel Aviv company attracts $15 million in a Series A investment to build an AI-powered compliance and risk management platform.

Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.

Five reasons why “Ambulance Chasing” and mocking harm the security profession and are never a good idea.

Noise generated by the pixels on a screen can be leveraged to exfiltrate data from air-gapped computers in what is called a PIXHELL attack.

Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library.

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager, Cloud Service Appliance, and Workspace Control.

Golf course management company KemperSports has disclosed a cyberattack and data breach impacting over 62,000 individuals. 

Google has released a Chrome 128 security update to resolve high-severity memory safety vulnerabilities.

People on the Move

Cloud networking firm Aviatrix has named John Qian as CISO.

CrowdStrike has appointed Kartik Shahani as vice president of India and SAARC.

Jill Popelka has been appointed CEO at Darktrace, after serving as COO for three months.

GitHub has appointed Alexis Wales as its new Chief Information Security Officer.

Cybersecurity and intelligence solutions provider Nightwing has appointed Christopher Jones as CTO and CDO.

More People On The Move
Intel CPU attack Intel CPU attack

Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.

Windows Downgrade Attack Windows Downgrade Attack

Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.

AI Convention AI Convention

Signed on September 5, 2024, the AI Convention is a laudable intent but suffers from the usual exclusions and exemptions necessary to satisfy multiple nations.

Top Cybersecurity Headlines

An academic researcher has devised a new method of exfiltrating data from air-gapped systems using radio signals from memory buses.

Kaspersky’s customers in the US are being acquired by cybersecurity firm Pango and will be offered UltraAV antimalware software.

Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from cybersecurity experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Hackers Breached An Adobe Server To Gain Access To Code Signing InfrastructureAdobe will be revoking a code signing certificate next week after discovering two pieces of malware that had been digitally signed with Adobe's credentials.

A new study by NSS Labs found Microsoft Internet Explorer outstripped the competition when it came to protecting users from socially-engineered malware. Google Chrome was a distant second, and performed dismally when blocking click-fraud malware, the research and testing company said.

While the world of malware creation may be mysterious to many, malicious apps that infect mobile devices are plentiful and easy to create. Because of readily available tools that enable even a novice developer to create mobile applications that fall on the dark side of the fence, users should be cautious when downloading and installing mobile apps, especially from non-official App Stores. 

On Tuesday, SourceForge and the phpMyAdmin project reported that one of their mirrors was serving a compromised version of the MySQL management application. The investigation is ongoing SourceForge said, but it is believed that the nvumber of potential victims were small.

The FTC has reached a settlement with seven rent-to-own companies, and the developer of a tracking tool, which the agency said was used to violate consumer privacy. The problem stems from the tool itself, which used a “Detective Mode” to track computers that were stolen or behind on payments.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...