Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Report finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.

Noteworthy stories that might have slipped under the radar: students dox people with Meta’s Ray-Ban smart glasses, OT hunting guide for water systems, NVD backlog still significant. 

Google Cloud makes new confidential computing options generally available and expands attestation support.

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

Roundup of the 37 cybersecurity-related merger and acquisition (M&A) deals announced in September 2024.

Pixel 9 comes with improved security hardening mitigations against common exploits on cellular basebands.

Russian authorities have arrested 96 individuals suspected of having ties to US-disrupted UAPS and Cryptex cryptocurrency exchanges.

According to a barebones Apple advisory, the new iOS 18.0.1 fixes two bugs that expose passwords and audio snippets to malicious hackers.

The coordinated action resulted in the seizure of more than 100 domains used for spear-phishing targets in the US, UK, and Europe.

CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.

The hack of a police system that exposed contact details of all Dutch police officers was almost certainly carried out by hackers working for a foreign government, the justice minister said.

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

Mario Duarte, formerly head of security at Snowflake, has joined Aembit as CISO.

Kevin Mandia has joined Expel’s board of directors and has been named chair of the board at SpecterOps.

More People On The Move
Fall of IronNet Fall of IronNet

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

CISOs Salaries CISOs Salaries

CISO salaries are getting higher and experience counts. Average annual compensation for these cybersecurity leaders is more than $550K.

Rackspace Breach Rackspace Breach

A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day.

Top Cybersecurity Headlines

Cloudflare recently mitigated another record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion Pps. 

Previously seized LockBit websites have been used to announce more arrests, charges and infrastructure disruptions.

That dream of a decentralized privacy-retaining identity system able to combat AI-driven bots and deepfakes may not be as elusive as feared – courtesy of Tools for Humanity (TfH) and Worldcoin.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Deloitte Survey Shows Few State CISOs Are Confident In Their States' Ability to Defend Against Cyber Attacks Less than a quarter of state chief information security officers were confident in their states' ability to safeguard data from attacks, according to a recent Deloitte & Touche survey. Only 32 percent of the CISOs felt state employees have the "required cyber-security competency."

OTTAWA - Canada "has been slow" to set up firewalls to protect against cyber threats to critical infrastructure, leaving the nation vulnerable to crippling attacks, the auditor general warned Tuesday. In a report, Auditor General Michael Ferguson said the government has made only "limited progress" over the past decade to safeguard electrical grids, telecommunications infrastructure, banking systems, manufacturing and transportation, as well as its own computers.

BRUSSELS - The European Commission outlined measures Tuesday to tighten controls on online gambling, a fast-growing, multi-billion-euro industry, to combat fraud, money laundering and rigging of sport fixtures. "Consumers, but more broadly all citizens, must be adequately protected," European internal markets commissioner Michel Barnier said.

Return Path, provider of email intelligence information and solutions, today launched two anti-phishing solutions that it says will arm brand marketers and IT security professionals with tools to protect their brands through visibility into known, unknown and potentially harmful, fraudulent email traffic.

The Federal Trade Commission has published a staff report containing guidelines and recommendations for companies that use facial recognition technologies. The compilation of best practices is aimed at protecting consumers when such technologies are deployed for purposes such as marketing.

According to its security roundup for Q3 2012, Trend Micro says that the number of high-risk and overall dangerous applications targeting the Android platform is more than five times the size it was last quarter.

Digital Guardian 6.1 Includes Advanced Malware Prevention, Detection and Containment, Extends Coverage to Windows 8 and iOS Verdasys, a Waltham, Massachusetts-based information security solutions provider, this week released Digital Guardian 6.1, a new solution touted by the company as the beginning of the DLP 3.0 era.

CloudLock, a provider of cloud data security solutions, today launched “CloudLock Apps Firewall”, a solution that the company says helps enterprises discover, classify and enable trusted third party mobile and web applications that require access to users’ Google Apps accounts and data.

TAIPEI - Taiwan legislators on Monday demanded a thorough evaluation of sensitive sectors in which China has invested or are open to Chinese investment. The move comes as Taiwan lifts restrictions on investments by China as the two former enemies forge closer economic ties. Parliament's defense committee passed a resolution from the ruling Kuomintang party calling on security authorities to follow similar moves in the United States and Britain.

Report Shows Notable Increase in Cross-Site Attacks In Q3 2012FireHost, a Dallas, Texas-based secure cloud hosting company, today revealed the findings of its latest web application attack report for the third quarter of 2012.

Researchers from two universities in Germany have published a paper on the state of SSL within several Android applications, and the findings were far from positive. According to their research, many of the tested applications failed to properly implement SSL, leaving millions of users – based on installation figures – exposed to basic Man-In-The-Middle (MITM) attacks.

On Friday, Microsoft announced that it has reached a settlement with Andrey N. Sabelnikov, a Russian software programmer, after naming him in the lawsuit surrounding the takedown of the Kelihos botnet. Friday’s announcement marked the close of the Kelihos case, which was initiated earlier this year, after last September’s takedown actions against the botnet itself.

BEIJING - US security fears over two China telecom firms have spotlighted Western suspicions Chinese companies are state-influenced, a culture clash analysts say could loom larger as the country's businesses look overseas.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

ICS/OT

ICS/OT

Report finds most organizations have suffered financial impact of $500,000 or more from cyberattacks on cyber-physical systems over past year.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.