CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.

Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets.

Crimenetwork, the largest German-speaking online crime marketplace, has been shut down and one of its admins has been arrested.

Tuskira is working on an AI-powered security mesh promising to integrate fragmented security tools and mitigate risk exposure in real time.

A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks.

Government agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled. 

SecurityWeek’s Cyber AI & Automation Summit takes place on December 4th, as a fully immersive online experience.

Even with careful and deliberate hiring, enterprise security teams will find themselves with a charlatan from time to time.

Google has released patches for 14 high-severity vulnerabilities as part of Android’s December 2024 security update.

Supply chain attack leads to decentralized application developers downloading backdoored versions of the Solana Web3.js library.

Law enforcement has taken down yet another encrypted messaging service used by criminals, but not before spying on its users.

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

Video platform Vimeo has appointed Ryan Weeks as Chief Information Security Officer.

LPL Financial has welcomed Renana Friedlich as Chief Information Security Officer.

More People On The Move
Russian APT zero-day Russian APT zero-day

Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets.

Solana Web3 supply chain attack Solana Web3 supply chain attack

Supply chain attack leads to decentralized application developers downloading backdoored versions of the Solana Web3.js library.

Dan McInerney, Protect AI Dan McInerney, Protect AI

McInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid.

Top Cybersecurity Headlines

The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.

Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by the US for ransomware attacks against critical infrastructure.

Microsoft informed customers that vulnerabilities affecting cloud, AI and other services have been patched, including an exploited flaw.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack Demonstration to learn how hackers operate and gain knowledge to strengthen your defenses against deepfake and BEC fraud.

Register

Learn how to develop a holistic solution that provides you and your team the power to mitigate cyber threats effectively within your OT environment.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

Huddle with your peers to measure the costs, benefits, and risks of deploying machine learning and predictive AI tools in the enterprise, the threat from adversarial AI and deepfakes, and preparation for the inevitable compliance and regulations. (December 4, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

A cyber-crime operation using the SpyEye Trojan was spotted around the holidays with a new trick up its sleeve for dodging detection.According to Trusteer, fraudsters targeting online bankers were observed attempting to cover their digital tracks on infected computers by concealing their unauthorized transactions.

Less than a year after its previous release, Oracle today announced a new release of Oracle Database Firewall, the database giant’s solution to improve enterprise database security and help enterprises prevent internal and external attacks from reaching their databases.

Last week, the Lords of Dharmaraja made headlines by exposing their work to the world, after claiming to have breached systems used by India’s military intelligence. They released old source code from Symantec, and API documentation as proof. However, over the weekend it was learned that they also released a memo documenting India’s intercept program, and the role that Research in Motion, Apple, and Nokia play in it.

2011 was a landmark year to say the least, in terms of network security and the overall evolution of malware, and there are no indications that things will slow down anytime soon. With that in mind lets embark on that traditional new year exercise and predict a few of the trends we’re likely to see in 2012.The Malware Arms Race Will Continue to Accelerate

NetQin Mobile, a China-based provider of consumer-focused mobile security software, has undergone a name change. The company is now rolling with the name "NQ Mobile", the brand that it will use to conduct all of its international business. Officially, the company will change its corporate name from NetQin Mobile, Inc. to NQ Mobile, Inc.

We have been thinking about information security for thousands of years. But as the world continues to evolve, Information Security must evolve to keep up with it.

A group of hackers claim to have stolen source code for Symantec’s Norton Antivirus software.Update: 01/06/12 12:20AM EST - Symantec has confirmed with SecurityWeek that hackers have accessed source code related to Symantec Endpoint Protection 11.0 and Symantec Antivirus 10.2.

Microsoft is starting the 2012 Patch Tuesday cycle off with a bang.According to Microsoft’s advanced notification, the January security update will include seven bulletins addressing eight vulnerabilities across Windows and Microsoft developer tools and software. Just one of the bulletins is rated ‘critical.’ The other six are rated ‘important.’

Second in a Series on Evaluating New Firewalls: Why Scalability is Important to Sustain Protections through Network Growth and Scale.I realize it may sound a little odd to put firewall scalability ahead of security. After all firewalls are, at their core, access control devices – the ultimate Internet traffic police.

Once again, Veracode has crafted up an infographic, this time comparing how Android and iOS stack up against each other when it comes to mobile security.Veracode, which provides static and dynamic application security testing solutions, noted that greater adoption of smartphones has led to greater security concerns and increased awareness of related vulnerabilities.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

GitHub has launched a $1.25 million fund to be invested in improving the security of 125 open source projects.

Cloud Security

Cloud Security

Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.