Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. 

Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass.

Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.

The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.

A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.

The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.

A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.

Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.

GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.

Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

Exabeam has appointed Kish Dill as Chief Customer Success Officer.

Cloud networking firm Aviatrix has named John Qian as CISO.

More People On The Move
iPhone security iPhone security

Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

CrowdStrike Microsoft CrowdStrike Microsoft

Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. 

UK data centers UK data centers

The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.

Top Cybersecurity Headlines

Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.

Financial services giant Mastercard is acquiring Recorded Future from private equity firm Insight Partners for $2.6 billion.

Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks. 

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from cybersecurity experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

MANILA - Philippine President Benigno Aquino has signed into law a bill to combat cybercrime, his spokeswoman said Saturday, in a bid to stamp down on everything from forgery to child pornography. The bill will be a boost to law-enforcers who have previously complained of difficulty charging people who use the Internet to commit crimes as there were no legal codes that penalize their acts.

STOCKHOLM - The co-founder of The Pirate Bay filesharing website was on Friday detained in Sweden, days after his deportation from Cambodia, officials said. Gottfrid Svartholm Warg, 27, faces a one-year prison sentence for promoting copyright infringement in his home country.

SAN FRANCISCO - Internet rights champions on Friday were fearful that free speech online may be among the victims of violence spurred by an anti-Islam video posted to YouTube. A decision by YouTube parent Google to deny access to the video in Libya and Egypt even though the film's hateful message isn't aimed at a particular person was seen by some as a compassionate step onto a slippery slope.

WASHINGTON - The White House said Friday it had contacted video sharing website YouTube to ask for a review of an anti-Muslim movie that sparked riots and attacks on US diplomatic posts in the Arab World. National Security Council spokesman Tommy Vietor said that officials "reached out to YouTube to call the video to their attention and ask them to review whether it violates their terms of use."

By Taking The Approach of Assuming You Have Been Hacked, It Can Go a Long Way In Being Proactive About Possible Attacks...Information security practitioners have always considered "keeping the bad guys out" a core element of their profession, but the flood of highly-publicized security breaches (together with an unknown but likely higher number of unpublicized breaches) clearly demonstrates that we are not excelling at this task, to put things lightly.

Anonymous on Thursday posted credit card numbers in retaliation for what it claimed was an FBI raid arresting one of its members. The group said Barrett Brown was arrested in an FBI raid while participating in an online chat Wednesday. Contacted by AFP, the FBI declined to comment. But a video posted by the group, a loosely knit collective with no clearly defined leadership structure, showed the chat interrupted by what appeared to be a raid.

Cybersecurity services firm KEYW Corporation (NASDAQ: KEYW) announced after the bell on Thursday that it would acquire Sensage, Inc., a Redwood City, California-based provider of Security Information and Event Management (SIEM) and event data warehousing solutions, in a cash and stock deal valued at up to $34.5 million.

Government budgets are not infinite, but with some work, they can be made a bit more elastic. Stretching a budget however means finding efficiencies that will allow agencies to cut costs, and that, means understanding what your organization needs to protect and prioritizing, according to attendees at the (ISC)2 Security Congress in Philadelphia.

WASHINGTON - The leaders of a congressional probe into two Chinese telecom giants expressed fresh concerns Thursday about the firm's links to the Beijing government, as the companies defended their integrity.

Threat prevention provider FireEye, and Splunk, the recently gone public provider of software that helps organizations gather and make use of machine data from multiple sources, today announced the availability of Splunk for FireEye, an application that makes information on inbound and outbound events from

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...