Connect with us

Hi, what are you looking for?


Latest Cybersecurity News

Republican Gov. Phil Scott said the legislation would have made Vermont “a national outlier and more hostile than any other state to many businesses and non-profits.”

Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.

Retired U.S. Army General Paul M. Nakasone brings cybersecurity experience to OpenAI’s Board of Directors and Safety and Security Committee.

The increase in mass exploitation involving edge services and devices is likely to worsen.

Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.

Noteworthy stories that might have slipped under the radar: Overview of the ICS malware Fuxnet, Google accused of tracking users, scammers impersonate CISA staff.

Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software.

CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.

Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.

YesWeHack has raised more than $52 million to date to build and market a crowdsourced vulnerability reporting platform.

Pyte has raised $5 million for its secure computation platform, bringing the total investment in the company to $12 million. 

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

Megan Samford named Chief Security Officer of Schneider Electric’s US National Security Agreements & US Federal Business.

Timothy Yost has been named Chief Financial Officer at BlueVoyant.

More People On The Move
Windows Recall security Windows Recall security

Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.

ICS vulnerabilities ICS vulnerabilities

Analysis and insights on the prevalence and impact of password exposure vulnerabilities in ICS and other OT products.

Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited

Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.

Top Cybersecurity Headlines

The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.

Apple has released a visionOS update that patches CVE-2024-27812, which may be the first flaw specific to the VR headset.

Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.

Mandiant says a financially motivated threat actor has compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned systems.

Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a “unicorn” company valued north of $1 billion.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn how you can transform your security strategy to build your organization’s resilience in the face of evolving threats.


The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.


Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More



Data and voice communications provider, MegaPath, has entered the growing Managed Security Services market this week, announcing a suite of Security as a Service (SaaS) offerings.MegaPath was founded in 1996 and merged with Speakeasy and Covad Communications in 2010. MegaPath Managed Security Services customers aren’t required to be MegaPath connectivity customers, as it offers on-premises security services, allowing customers to leverage the Internet connection of their choice.

Malware targeting social networks appears to be the latest growing threat to mobile security. With people being “always connected” on mobile devices, and often not a full screen to easily see URL’s and click through destinations, it’s no surprise that mobile devices are appearing as the first device users are responding to threats with.

AirTight Delivers Managed Wi-Fi Access, PCI Scanning and Network Security in a Single Device AirTight Networks, a provider of Wireless intrusion prevention systems and services, has announced the launch of AirTight Cloud Services, a new suite of managed services which adds Wi-Fi access to its portfolio of on-demand wireless security and compliance solutions.

Strategies and Considerations for Securing Private Cloud EnvironmentsOn the back end of private cloud environments you’ll find multiple flavors of virtual software loaded directly onto hardware. This virtual software is essentially the host operating system. VM Host is the base hypervisor and hardware. Think of it as the house. The guest operating systems (Guest OSs) are the virtual machines living in the house.

Security Professionals are Plagued with Lack of Resources, too Much Work, too Little Time, and Competing Priorities. As a Result, we end up with Incomplete Security. If information security were simple, I would have been out of a job years ago. But we don't need to make it more complex than it is.

SonicWALL released its 2010 end-of-year summary of cyber-security intelligence today, revealing global trends in malicious network activity and application usage across its customer base.SonicWALL’s data, collected from over 30 countries worldwide, showed spikes in vulnerabilities on Mondays and Tuesdays, points to seasonal trends in threats associated with specific types of malware, with the most active time for threat-related traffic in the United States being between the hours of 10:00 AM. and 11:00 AM PST.

Zscaler, a provider of cloud-based security services, has hired Dr. Amit Sinha who will join the company as Chief Technology Officer to lead research and development initiatives of the company's emerging technologies.

Comprehensive Full-Disk Encryption Solution Helps Organizations Deploy, Maintain and Manage Data Security Protection Transparently Across Multiple PlatformsFull-disk encryption software provider WinMagic today launched the latest release of its full-disk encryption solution that helps organizations seamlessly data protection with existing security policies on Windows 7 (32 and 64 bit)/Vista/XP, Mac OS X Tiger/Leopard/Snow Leopard and/or Linux platforms.

Sourcefire Acquires Immunet Adding Cloud-Based Anti-Malware Technology to its PortfolioSourcefire announced late today that is has acquired Immunet, a cloud-based anti-malware technology company. Under the agreement, Sourcefire will pay $21 million in cash for Immunet, including $17 million up front and $4 million over the next 18 months upon achievement of delivery milestones.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers.

Cloud Security