Now on Demand Ransomware Resilience & Recovery Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.

Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.

Silicon Valley startup Anvilogic has raised $45 million in a Series C funding round led by Evolution Equity Partners.

United Nations Development Programme (UNDP) investigating a ransomware attack in which hackers stole sensitive data.

Five Eyes cybersecurity agencies have released joint guidance on securely deploying and operating AI systems. 

Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available.

Cherry Health says the personal information of over 180,000 individuals was stolen in a ransomware attack.

LabHost, a major phishing-as-a-service platform, has been shut down as part of a major law enforcement operation. 

Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.

Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy.

YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology.

People on the Move

MSSP Dataprise has appointed Nima Khamooshi as Vice President of Cybersecurity.

Backup and recovery firm Keepit has hired Kim Larsen as CISO.

Professional services company Slalom has appointed Christopher Burger as its first CISO.

Allied Universal announced that Deanna Steele has joined the company as CIO for North America.

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

More People On The Move
LabHost phishing shutdown LabHost phishing shutdown

LabHost, a major phishing-as-a-service platform, has been shut down as part of a major law enforcement operation. 

Sandworm APT44 Sandworm APT44

Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.

Oracle Oracle

Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.

Top Cybersecurity Headlines

Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint.

Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your…

Silicon Valley startup Anvilogic has raised $45 million in a Series C funding round led by Evolution Equity Partners.

United Nations Development Programme (UNDP) investigating a ransomware attack in which hackers stole sensitive data.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

Few would doubt that insiders – those allowed access to certain IT resources within your organization – have the potential to wreak considerable damage. That's true whether they're scheming to physically damage IT systems, destroy the data held within them, or steal customer or corporate data to sell to criminals or competitors.

EMC today announced that it has acquired Virginia-based NetWitness Corporation, a privately-held provider of network security analysis solutions.

A report released this week coming from the largest association of data center professionals has suggested that with budget constraints and a tough economy, data center operators have been focused on immediate needs and paying less attention to disaster recovery planning and protecting against cyber attacks.

Bank of America announced this week that is has hired Patrick Gorman as chief information security officer and be responsible for the bank's information security strategy, policy and program.

Go ahead and click on the Viagra emails you’ve been warned about. Hackers don’t need to appeal to your libido to break into the company computer system. They have other compelling ways. These days they’ve been hanging around inside the network, building up profiles on company employees. By the time they have enough information and let loose their malware, you won’t even know that you were an unwilling accomplice in an advanced persistent threat.

A major milestone for DNSSEC has been reached today, as this morning DNSSEC was officially signed for the .Com TLD. Following several other Top Level Domains already supporting DNSSEC, the added level of security can now be enabled for the more than 90 million .Com names which have been registered according to VeriSign, the operator of .com.

Aggressive initiatives by the makers of popular Web browsers including Google, Microsoft, and Mozilla to improve the security of their Web browsers appear to be paying off.According to the Q3-Q4 Web Application Security Trends Report released today by Web application security firm Cenzic, the big Web browser companies seem to be paying very close attention to security, with many proactively seeking vulnerabilities by offering rewards or “bounties,” and seem to be efficient at fixing vulnerabilities in a timely manner.

Trustwave today announced updates and enhancements to ModSecurity, the open source web application firewall (WAF) engine for Apache, developed and managed by Trustwave's security team.ModSecurity enforces security policies to web transactions, reducing the risk of a web-based attack. As an open source technology, users and developers have been contributing to the community to help maintain the open source project that defends web applications.

Reports Show Significant Drops in Spam Levels Since Rustock Botnet Takedown - But Will Rustock Be Back?The Rustock Botnet was sending as many as 13.82 Billion spam emails each day before being taken down early this month by an effort headed by Microsoft in cooperation with authorities and the legal system.According to Symantec’s March 2011 MessageLabs Intelligence Report, the Rustock botnet had been responsible for an average of 28.5% of global spam sent from all botnets in March.

eBay announced today that it has agreed to acquire ecommerce and marketing services provider GSI Commerce for $2.4 billion in cash. It’s not a “done deal” yet, however, as under the terms of the merger agreement, GSI Commerce may solicit acquisition proposals from third parties for a 40-day “go-shop” period continuing through May 6, 2011.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Artificial Intelligence

Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.