Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The growing collaboration between authoritarian governments and criminal hackers has alarmed national security officials and cybersecurity experts.

New threat report shows that the potential for disruption to November’s Election Day is severe, and the threat is real.

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.

Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.

CISOs from Box and Smartsheet discuss the route toward, the role within, and the future of being a successful CISO.

Splunk has released patches for multiple vulnerabilities in Splunk Enterprise, including two high-severity remote code execution flaws.

Door access controllers remain vulnerable to remote hacker attacks for extended periods of time, a researcher has found.

Automattic has rolled out updates for 101 Jetpack versions released over the past eight years to resolve a critical vulnerability.

Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks.

Intel and AMD respond to new attack methods named TDXDown and CounterSEVeillance that can be used against TDX and SEV technology.

With all sessions now available on demand, the online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move
Trusted execution environment (TEE) vulnerabilities Trusted execution environment (TEE) vulnerabilities

Intel and AMD respond to new attack methods named TDXDown and CounterSEVeillance that can be used against TDX and SEV technology.

Iran cyberattacks Iran cyberattacks

The Iran-linked APT OilRig has intensified cyber operations against the United Arab Emirates and the broader Gulf region.

Fidelity Data Breach Fidelity Data Breach

Fidelity Investments is notifying 77,000 individuals that their personal information was compromised in a data breach.

Top Cybersecurity Headlines

OpenAI has disrupted 20 cyber and influence operations this year, including the activities of Iranian and Chinese state-sponsored hackers.

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Stoke-on-Trent City Council (UK) has been smacked with a £120,000 fine for failing to secure sensitive information that was being transmitted electronically. The data, child protection documents, was accidentally delivered to a person not related to the case, and wasn’t properly encrypted the Information Commissioner’s Office (ICO) said, posing a significant breach of the Data Protection Act.

WASHINGTON - Defense Secretary Leon Panetta on Thursday demanded Congress take action after November elections to ensure stable funding for the US military and to break a partisan deadlock over the country's budget deficit. "When Congress returns to town after the election, there is a great deal of critical work that needs to be done," Panetta told a news conference.

According to a new report from the Anti-Phishing Working Group (APWG), an industry organization focused on combating phishing and cybercrime, the average uptime of phishing websites dropped during the first half of 2012. That’s a good thing, as the longer a site hosting phishing attack remains online and accessible, the more money and data cybercriminals can pilfer from victims.

LAS VEGAS - McAfee FOCUS - Xerox and McAfee unveiled a new layer of security protection for printers at the McAfee FOCUS 12 conference this week in Las Vegas. The two companies discussed how McAfee's Embedded Control software – a filtering method that allows only approved programs to get through - will be used by multifunction printers to prevent attacks.

LAS VEGAS - McAfee FOCUS 2012 - Solving security challenges to critical infrastructure companies requires partnerships between vendors, a panel of solution providers and experts said today at McAfee's Focus conference in Las Vegas. Working closely with suppliers, explained Gary Woodward, director of business development at Emerson Process Management and Water Solutions, ensures that products are integrated and working optimally.

The modern enterprise IT environment is extremely complex. A myriad of smartphones, tablets, applications and network devices, along with the growing use of virtualization and cloud services, all present an increasing volume of management and security concerns.

An assembly of tech giants including AMD, Honeywell, Intel, Lockheed Martin, and RSA, has come together to form the “Cyber Security Research Alliance”, a consortium that will focus on the "grand challenges" for cyber security and next generation technologies.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.