Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

ThreatMate has raised $3.2 million in seed funding for its AI-powered attack surface management solution for MSPs.

Noteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report, cybersecurity salaries data.  

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack.

UK engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its systems.

University Diagnostic Medical Imaging and Allegheny Health Network have disclosed data breaches impacting approximately 430,000 patients.

An analysis by Chainalysis shows that ransomware payments dropped to $813 million in 2024, from $1.25 billion in 2023. 

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware.

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

Astra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions.

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

People on the Move

Gigamon has promoted Tony Jarjoura to CFO and Ram Bhide has been hired as Senior VP of engineering.

Cloud security firm Mitiga has appointed Charlie Thomas as Chief Executive Officer.

Cynet announced the appointment of Jason Magee as Chief Executive Officer.

Ajay Garg has joined Saviynt as Chief Development Officer.

Penetration testing and offensive security firm Cobalt has named Gunter Ollmann as Chief Technology Officer.

More People On The Move
Healthcare data breach Healthcare data breach

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack.

DeepSeek Ban DeepSeek Ban

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices.

Natohub hacker arrested Natohub hacker arrested

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army.

Top Cybersecurity Headlines

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences.

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched.

AMD has released patches for a microprocessor vulnerability found by Google that could allow an attacker to load malicious microcode.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Examine the state of cybersecurity in the context of quantum computing and artificial intelligence. Discuss the implications of the new White House administration’s cybersecurity policies and how they will influence the industry’s direction in 2025 and beyond.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Watch Now

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Attack Traffic Originating from The United States Jumped Nearly 37% in Q4 2011, Says Akamai Report.Internet infrastructure giant Akamai Technologies, released its Fourth Quarter, 2011 State of the Internet report on Monday which provides insights into global statistics including Internet penetration, mobile traffic and data consumption, connection speeds, and Internet attack traffic.

Business leaders need to take note quickly, and learn to recognize that information security risks are real risks to their success.

Stealthy Attacks Use Trusted Enterprise Systems and Trusted Networks, Making Detection DifficultSkilled attackers are burrowing their command and control (C&C) servers inside the networks of compromised businesses in order to circumvent security measures, according to a security expert familiar with the innovative new attack method.

Symantec Threat Report Reveals 81 Percent Increase in Malicious Attacks, Drop In Number of VulnerabilitiesIn its latest threat report released on Monday, Symantec revealed that while the number of vulnerabilities fell by 20% in 2011, it saw a significant increase in the number of malicious attacks. In addition, the report notes the fact that targeted attacks are spreading to organizations of all types and sizes.

Appliance Helps Accelerate Custom BYOD Policy EnforcementEnterasys Networks, a provider of network infrastructure and security solutions, today announced a new bring-your-own device (BYOD) solution designed to help address the increasingly complex and pressing concerns with the BYOD trend, including security, user experience, simplicity and flexibility.

The Cyber Intelligence Sharing and Protection Act (CISPA) passed on Thursday with a 248-168 vote in the U.S. House of Representatives. The vote was a day early, and was held just after a number of amendments were approved. As the bill heads to the U.S. Senate, its lost notable form a high profile company and faces a veto from the Obama Administration.

Oracle recently patched a flaw in the TNS Listener service as part of their update release in April. As it turns out, the TNS Poisoning patch didn’t apply to current versions of Oracle, leaving existing customers on their own. The TNS Poison bug has quite the history, researcher Joxean Koret reported the issue in 2008, but the flaw itself has likely existed since Oracle 8i.

Microsoft has patched a recently disclosed password reset vulnerability in Hotmail, which exposed a user base of some 360 million people to having their accounts compromised. Unfortunately, says Vulnerability Laboratory, the firm that discovered the flaw initially, the patch might not have arrived soon enough.

PRAGUE, CZECH REPUBLIC – Counter eCrime Operations Summit - The results of a recent study released by the Anti-Phishing Working Group (APWG) at its Counter-eCrime Operations Summit (CeCOS VI) taking place this week in Prague, showed that PayPal has lost its spot as the most phished brand globally.

CORE Security Technologies, a Boston, Massachusetts-based provider of security testing solutions, this week announced a significant update to its CORE Insight Enterprise security intelligence solution.According to the company, its latest offering helps security professionals identify critical exposures to their infrastructure and link them real-world business risks.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Cloud Security

Application Security

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.