Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The prospect of criminal charges comes as the Justice Department has raised alarms about aggressive efforts by countries including Russia and Iran to meddle in the presidential election.

Google is rolling out new features in Chrome to better protect users online and to improve their control over personal data.

Operant AI, a startup specializing in runtime protection for cloud applications, APIs, and AI systems, secures new $10 million investment.

Realm.Security has emerged from stealth with $5 million in funding and a solution that helps organizations manage security data. 

Relentless in their methods, attackers will continue employing evasion tactics to circumvent traditional security measures.

Palo Alto Networks has fixed medium- and high-severity vulnerabilities in PAN-OS, Cortex XDR, ActiveMQ Content Pack, and Prisma Access Browser.

Aembit has raised $25 million in Series A funding to protect non-human identities and minimize attack surface.

Financial services giant Mastercard is acquiring Recorded Future from private equity firm Insight Partners for $2.6 billion.

Cisco has announced security updates that patch eight vulnerabilities in IOS XR software, including six high-severity bugs.

Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks. 

Lehigh Valley Health Network has agreed to pay a $65 million settlement in a class-action suit filed over a 2023 data breach.

People on the Move

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

Exabeam has appointed Kish Dill as Chief Customer Success Officer.

Cloud networking firm Aviatrix has named John Qian as CISO.

CrowdStrike has appointed Kartik Shahani as vice president of India and SAARC.

More People On The Move
Mastercard acquires Recorded Future Mastercard acquires Recorded Future

Financial services giant Mastercard is acquiring Recorded Future from private equity firm Insight Partners for $2.6 billion.

Iran Iraq hacking Iran Iraq hacking

Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks. 

Intel CPU attack Intel CPU attack

Intel on Tuesday published advisories covering more than 20 vulnerabilities affecting processors and other products.

Top Cybersecurity Headlines

Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.

Signed on September 5, 2024, the AI Convention is a laudable intent but suffers from the usual exclusions and exemptions necessary to satisfy multiple nations.

An academic researcher has devised a new method of exfiltrating data from air-gapped systems using radio signals from memory buses.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Hear from cybersecurity experts as they explore the latest trends, challenges and innovations in Attack Surface Management.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Constant demand for advanced malware, paired with a co-opetition model, this ecosystem directly impacts how quickly and efficiently new threats can spread.As malware gets progressively more complex, it’s important to understand how the major players in the malware industry fit together and how these relationships affect the ways that malware is developed, distributed and ultimately used in attacks.

Around this time last year you may have read my SecurityWeek article, The Optimist's Cybercrime Predictions for 2011. Now that the year is drawing to an end, I thought it would be an interesting opportunity to look back to my 2011 predictions and see how each of them panned out.

While the move is far from a total change of stance, it looks as if the Pentagon has started to open its heart and mind to something other than BlackBerry. According to the latest Security Technical Implementation Guide (STIG) overview, the Defense Department is open to the idea of devices running Android 2.2, but so far only one device has made the cut.

McAfee has come forward with its list of 2012 threat predictions, part of a longstanding tradition in the InfoSec community, which outline what it sees as the largest obstacles to personal and organizational security in the coming year.

The National Cyber Security Alliance (NCSA) and McAfee have produced a report examining the growing false sense of security displayed by mobile users, and how it could impact the nation overall.The research found that 70-percent of smartphone owners say they feel their device is safe from various types of cybercrime. Further, the same percentage said that they have never installed any form of security protection on their mobile device, and that they feel their device is safe from data theft...

Siemens has announced plans to patch a number of critical vulnerabilities in its SCADA software after a researcher accused the company of trying to brush the issue under the rug.In response to claims by security researcher Billy Rios that the company was dismissing reports of vulnerabilities, Siemens issued a statement noting that the company planned to patch a number of issues found by Rios and fellow researcher Terry McCorke next month.

In late November, news surfaced that researchers from Columbia University had discovered vulnerabilities in upgradeable firmware in HP laser printers that could be compromised and modified by an attacker, enabling them to do anything from overheating the printer, to compromising a network, with some saying that the devices could even be set up in flames.

Strategic Forecasting Inc. (Stratfor), a Texas-based intelligence firm that delivers paid briefings on a wide range of topics, suffered a pre-Christmas breach at the hands of those supporting the current incarnation of the AntiSec movement. The fallout has been devastating thus far, but according to comments from those familiar with the breach, this is only the beginning.

Instead of passively waiting for an intruder to trigger a trap you set, consider adding a truly proactive component to your SIEM strategy.Aren't IDS and Log Collectors great? Not so long ago, the problem that most security professionals had was a lack of information. Not any more! Now, many of us have more information than you can throw SQL queries at.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...