Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

ARPA-H has announced a $50 million investment in tools to help IT teams better secure hospital environments.

Rockwell Automation is concerned about internet-exposed ICS due to heightened geopolitical tensions and adversarial cyber activity globally.

Veeam Backup Enterprise Manager update resolves multiple vulnerabilities, including a critical authentication bypass.

Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges.

Ivanti has released product updates to resolve multiple vulnerabilities, including critical code execution flaws in Endpoint Manager.

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit takes place on Wednesday, May 22nd as a fully immersive virtual summit.

Claroty shows how Honeywell ControlEdge Virtual UOC vulnerability can be exploited for unauthenticated remote code execution.

Google released a Chrome 125 update to resolve four high-severity vulnerabilities reported by external researchers.

As chatbots become more adventurous, the dangers will increase.

Leading artificial intelligence companies made pledge to develop AI safely, while world leaders agreed to build a network of publicly backed safety institutes to advance research and testing of the technology.

QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.

People on the Move

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

Joe Levy has been appointed Sophos’ permanent CEO, and Jim Dildine has been named the company’s CFO.

CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years.

OT zero trust access and control company Dispel has appointed Dean Macris as its CISO.

More People On The Move

As chatbots become more adventurous, the dangers will increase.

CISA CISA

CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog. 

Google Cloud AI Features Google Cloud AI Features

Google is invoking the ‘monoculture’ word in response to a scathing U.S. government report on Microsoft’s inadequate cybersecurity practices.

Top Cybersecurity Headlines

ARPA-H has announced a $50 million investment in tools to help IT teams better secure hospital environments.

Rockwell Automation is concerned about internet-exposed ICS due to heightened geopolitical tensions and adversarial cyber activity globally.

Veeam Backup Enterprise Manager update resolves multiple vulnerabilities, including a critical authentication bypass.

Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

Penetration Testing Platform Introduces Interface for SIEM Integration, Public and Private Cloud Deployments, Brings New SCADA Exploits and MoreRapid7, a Boston-based provider of vulnerability management and penetration testing solutions, today announced the launch of Metasploit Pro 4.0, the latest edition of its penetration testing solution.

Good Software to be Offered with SteelCloud's Appliance Technology to Deliver iPhone and Android Security to the GovernmentSteelCloud, Inc. and Good Technology today announced a partnership that will bring together SteelCloud and Good Technology's Good For Government™ enterprise-class mobile mail and personal information management solution to address government mobile security requirements.

WhiteHat Security, a provider of website risk management solutions, has secured $8 million in new capital to fuel company growth. In its growth plans, the in Santa Clara, California based company says it will open a Threat Research Center in Houston, Texas, and increase its staff nearly sixty percent in 2011. The company also is rumored to have a new product line in the works.

Passware, a provider of password cracking software, today said that the latest edition of its flagship password cracking forensic suite, Passware Kit Forensic v11, can extract Mac OS X Lion user login passwords from system memory in a matter of minutes.

The number of top-level domains on the Internet is set to increase dramatically over the next few years. Today's familiar .com, .org and .info addresses are going to be supplemented with dozens or hundreds of new extensions such as .blog, .sport, .london, .music and .gay. This rapid expansion will happen under the new generic top-level domain (gTLD) program launched by ICANN, the non-profit organization that oversees the Domain Name System (DNS).

F5 Networks announced enhancements to its application and data security solutions designed to help customers combat cyber attacks and prevent loss of service and data.

Data security firm Imperva, today released the results of study which revealed that web applications are probed or attacked about 27 times per hour or about once every two minutes.As a part of the company’s ongoing Hacker Intelligence Initiative, Imperva monitored and categorized more than 10 million individual attacks across the internet, including attacks witnessed via onion router (TOR) traffic as well as attacks targeting 30 different enterprise and government web applications.

Oslo, Norway based Norman, a provider of malware analysis solutions, today announced the launch of its next generation malware analysis platform, Norman Malware Analyzer G2.The G2 platform incorporates new sandboxing technology that emulates Windows environments, enabling malware analysts to observe malware’s behavior – including in virtualized environments – without putting live, operational systems at risk.

A hacker that had been found with more than 675,000 stolen credit card numbers that reportedly led to loses totaling more than $36 million, was sentenced on Friday to 120 months in prison. After pleading guilty on April 21, 2011, Rogelio Hackett Jr., 25, of Lithonia, Georgia, was slapped with a maximum prison sentence and ordered to pay a $100,000 fine by a U.S. District Judge in Alexandria, Virginia, for trafficking in counterfeit credit cards and aggravated identity theft.

When he was a puppy, my dog watched a lady bug crawl across a window on our back porch. Eventually, the lady bug fell, and as it lay upside down on the carpet flipping its wings and wiggling its legs, my dog snapped it up, licking his chops. He immediately started gacking, and soon spit the lady bug back out, scraping the roof of his mouth with his tongue. Later that day, another lady bug dropped next to him, and...

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers.

Cloud Security

Cloud Security

Google is invoking the 'monoculture' word in response to a scathing U.S. government report on Microsoft's inadequate cybersecurity practices.