Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

American Water is reconnecting and reactivating the systems that were taken offline earlier this week due to a cybersecurity incident.

What are CISOs and security leaders prioritizing versus the security operators?

Cybersecurity startup Simbian has launched three LLM AI Agents that work as virtual employees but with the speed, stamina, and accuracy of robots.

With all sessions now available on demand, the online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

Doctor Web says no development or user data was compromised after pro-Ukraine hacktivists claimed the theft of 10 Tb of files.

The Internet Archive has been hacked and hit by a significant DDoS attack, with 31 million users reportedly being impacted by a data breach.

Risk management startup Cyrisma has raised $7 million in a Series A funding round led by Blueprint Equity.

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.

Continuous automated red teaming platform provider WatchTowr has raised $19 million in a Series A funding round. 

CISA has added a FortinetFortiOS vulnerability tracked as CVE-2024-23113 to its Known Exploited Vulnerabilities (KEV) catalog.

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

People on the Move

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

More People On The Move
Windows Kernel Access Windows Kernel Access

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.

Firefox exploited Firefox exploited

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

Palo Alto Networks Palo Alto Networks

Palo Alto warns that attackers can access usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Top Cybersecurity Headlines

Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. 

Google and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

On Tuesday, SourceForge and the phpMyAdmin project reported that one of their mirrors was serving a compromised version of the MySQL management application. The investigation is ongoing SourceForge said, but it is believed that the nvumber of potential victims were small.

The FTC has reached a settlement with seven rent-to-own companies, and the developer of a tracking tool, which the agency said was used to violate consumer privacy. The problem stems from the tool itself, which used a “Detective Mode” to track computers that were stolen or behind on payments.

Network security provider Arbor Networks has teamed with Alcatel-Lucent to establish a new proof-of-concept laboratory in Singapore for communications service providers to conduct testing of technologies to fight distributed denial-of-service (DDoS) attacks.

DUBAI - An Islamist group on Tuesday said it will carry out new cyber attacks on US banking targets, according to SITE Intelligence Group, following similar attacks last week in response to an anti-Islam film.

Some Twitter users are getting hit with a malware attack that is spreading through direct messages. The messages take a variety of forms, noted Sophos Senior Technology Consultant Graham Cluley, including one where the recipient is told something about them has been posted on Facebook. In one iteration, the message says: "your in this" and includes a link to Facebook.  

PARIS - The French government on Tuesday summoned Facebook managers to explain rumors that some users' old private messages were being posted publicly on the social network. Facebook denied the rumors that personal messages were appearing on the users' "Timelines" which can be accessed by a large Internet audience.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.