Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Marriott agreed to pay $52 million and make changes to bolster its data security to resolve claims related to major data breaches that affected more than 300 million customers.

Palo Alto warns that attackers can access usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

A cyberattack continues to affect the largest regulated water and wastewater utility company in the US, renewing a focus on the importance of protecting critical infrastructure sites.

Google launches Global Signal Exchange (GSE), an initiative aimed at fostering the sharing of online fraud and scam intelligence.

CISA and the FBI have issued a warning on Iranian phishing attacks targeting national political organizations and campaigns.

New York anti-bot firm says new investment will drive adoption of AI techniques and expand into digital account protection and media security.

How simplifying complexity, enhancing visibility, and empowering analysis can address key challenges in modern cybersecurity operations and investigations.

Casio says a recent cyberattack has caused some system disruptions and it’s investigating whether a data breach has occurred. 

Online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

CreditRiskMonitor says hackers may have accessed personal information of employees and independent contractors. 

The EU has set up a system for imposing sanctions against people accused of cyberattacks, information manipulation or acts of sabotage on behalf of Russia.

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move
Palo Alto Networks Palo Alto Networks

Palo Alto warns that attackers can access usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Microsoft AI Microsoft AI

Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. 

Qualcomm zero-day Qualcomm zero-day

Google and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.

Top Cybersecurity Headlines

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands.

The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Microsoft is prepping nine security bulletins to patch 21 vulnerabilities next week as part of Patch Tuesday.This month’s update features fixes for Microsoft Windows, Office, Internet Explorer and .NET/Silverlight. Four of the bulletins are rated ‘Critical.’ In particular, these bulletins affect Windows, the .NET Framework, Silverlight and Internet Explorer. The remaining bulletins are all rated ‘Important.’

Trustwave captured the public’s attention over the weekend, when its policy regarding subordinate root certificates led to the discovery that one of its customers used them to monitor their employee’s SSL communications. Reacting to the public’s ire, Trustwave explained the incident on its company blog, and promised to end the practice moving forward.

The Cloud is Very Different, but the Approach to Adoption Needs to go Back to Basics. Buyer Beware? No, buyer be Smart and Educated.

It is not surprising that customer records would be the main target for attackers. But a database of financial records from a major bank is not their most common target – instead it’s the food and beverage industry that has proved most appetizing.In its 2012 Global Security Report, Trustwave revealed that for the second year in a row, the food and beverage industry comprised nearly 44 percent of the data breach investigations in 2011. Retail businesses were the second largest...

Symantec confirmed with SecurityWeek today, that following claims from Anonymous that additional Symantec product source code would be released, the claims are true, and the said files are in fact the legitimate source code from its pcAnywhere product.

Clickjacking, a term coined by Jeremiah Grossman in 2008, is quickly becoming an extremely dangerous threat. Recent news coverage of enormous clickjacking schemes are bringing this type of threat to the forefront. The term clickjacking, for those not familiar, refers to a type of attack that’s designed to get individuals to unknowingly click on nefarious links or buttons. From there, hackers are able to garner confidential information, get users to take an action online they normally wouldn’t, or compromise their...

Symantec has updated its portfolio of backup products with new releases emphasizing speed and simplicity.In Symantec NetBackup 7.5, the company has added NetBackup Accelerator to speed backups. Other new features include NetBackup Replication Director, which integrates NetApp Snapshots with backup, and NetBackup Search, which allows the search and recovery of backup data.

On Monday, details emerged of what appeared to be an email exchange between a Symantec employee and a hacker using the alias “YamaTough” who claimed he was in possession of Symantec source code back in January, showing that the hacker may have attempted to extort the company, and that Symantec had been negotiating a deal to pay the hacker in exchange for the code not to be released. The exchange, however, was not between Symantec and the hacker, but between...

Visa today announced that U.S. banks have issued an estimated one million Visa-branded, EMV chip-enabled cards as the end of 2011. The milestone shows progress the industry is making toward implementing the more secure card technology, but the U.S. is far behind Europe in terms of adoption.

Hacker Sentenced to 30 Months in Prison for Hacking into Marriott Systems to Extort Employment from the CompanyA hacker who tried to land an IT job at Marriott by hacking into the company’s computer systems and then unwisely extorting the company into hiring him, has been sentenced to 30 months in prison.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.