Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The bill was approved on a bipartisan basis, 273-147, though it will still have to clear the Senate to become law.

A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.

Financial terms of the translation were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.

Operational for at least ten years, RubyCarp has its own botnet, its own tools, and its own community of users that concentrate on cryptomining and credential phishing.

Noteworthy stories that might have slipped under the radar: Moscow sewage system hacked, a new women in cybersecurity report, PasteHub domain seized by law enforcement. 

Military planners envision a scenario in which hundreds, even thousands of AI-powered machines engage in coordinated battle.

Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar. 

Speaker Mike Johnson is expected to bring forward a Plan B that would reform and extend Section 702 of the Foreign Intelligence Surveillance Act for a shortened period of two years.

Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.

Checkmarx warns of a new attack relying on GitHub search manipulation to deliver malicious code.

A critical vulnerability in multiple programming languages allows attackers to inject commands in Windows applications.

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

The National Security Agency (NSA) appointed Dave Luber as its new cybersecurity director, after Rob Joyce retired from the agency on March 31.

Enterprise AI security firm TrojAI announced the appointment of Lee Weiner as CEO.

More People On The Move
Palo Alto Networks Palo Alto Networks

A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.

Microsoft breach Microsoft breach

The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.”

How AWS disrupts DDoS attacks and is tackling IP Spoofing at the source How AWS disrupts DDoS attacks and is tackling IP Spoofing at the source

SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks.

Top Cybersecurity Headlines

The bill was approved on a bipartisan basis, 273-147, though it will still have to clear the Senate to become law.

A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.

Financial terms of the translation were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.

Operational for at least ten years, RubyCarp has its own botnet, its own tools, and its own community of users that concentrate on cryptomining…

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

In an effort to increase the level of protection against Advanced Persistent Threats targeting the manufacturing and process industry, McAfee and Siemens have partnered together, today announcing that Siemens-Division Industry Automation is officially tested and compatible with McAfee Application Control.

New Product Family Delivers Secure, Unified Network Access and Application Control SolutionsJuniper Networks today announced availability of the Juniper Networks MAG Series Junos Pulse Gateways, designed to provide a single point of convergence for managing the secure network connectivity for the mobile workforce.

ESET today announced the availability of ESET NOD32 Antivirus 4 Business Edition for Linux Desktop and ESET NOD32 Antivirus 4 for Linux, the company's new security solutions for corporate workstations and home computers running Linux.

According to a report released today by Commtouch, malware sent via email increased by 400% in the last week of March 2011. Commtouch says this significant increase was detected two weeks after the Rustock botnet was taken down.The rustock botnet was taken down in early March by an effort headed by Microsoft in cooperation with authorities and the legal system. Following the takedown, when the Rustock botnet was no longer cranking out spam by the billions, global spam volumes fell...

Looking to move beyond traditional Network Intrusion Prevention Systems (IPS), McAfee today announced enhancements to its Network Security Platform, including enhanced botnet control through reputation intelligence, virtual network inspection and a traffic analysis port for network monitoring, forensics and other analysis engines.

While Fraudsters have the Capabilities of Stealing Millions of Credentials, Eventually They Can Cash Out Only as Many Mules as They Have Access to

Adobe announced today that a critical vulnerability (CVE-2011-0611) exists in its Flash Player that could cause a crash and potentially allow an attacker to take control of the affected system.Adobe said there have been reports that the vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform. Adobe says it isn't aware of any attacks via PDF targeting Adobe...

HP today announced the availability of its HP ePrint service App for iPhone, enabling iPhone users to unlock the power of the HP ePrint Enterprise solution which lets users print within their enterprise network via HP Managed Print Services. With the launch of the HP ePrint service App, iPhone users can now print emails, presentations, reports, travel documents and more to any networked enterprise printer.

Rapid7 and Sourcefire today announced a product integration which enables Sourcefire’s 3D System to integrate active vulnerability data from Rapid7’s active scanning solution, NeXpose Enterprise. The integration enables efficient prioritization of alerts and assessment of malicious intent, giving customers a more effective threat impact analysis, covering a wider range of vulnerabilities across more applications.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Cloud Security

Financial terms of the translation were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.