Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.

SonicWall warns that a simple GET request is enough to exploit a recent Splunk Enterprise vulnerability.

Over a dozen tech and cloud companies have created a new coalition for advancing security measures for AI.

Noteworthy stories that might have slipped under the radar: threats and risks to 2024 Summer Olympics, cybersecurity funding soars, Cellebrite hacked Trump shooter’s phone. 

The personal and health information of 12.9 million was stolen in a ransomware attack at Australian digital prescription services provider MediSecure.

SolarWinds has released patches for 13 vulnerabilities in Access Rights Manager, including eight critical bugs.

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

The Pwn2Own hacking competition is moving to Ireland and $300,000 is being offered for a zero-click exploit against WhatsApp. 

The risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach.

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

David Chétrit has been appointed the CEO of Kudelski Security.

More People On The Move
CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

CrowdStrike BSOD outage CrowdStrike BSOD outage

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

Top Cybersecurity Headlines

Teixeira, who was part of the 102nd Intelligence Wing at Otis Air National Guard Base in Massachusetts, worked as a cyber transport systems specialist.

Researchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic. 

Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs.

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

Learn More

Vulnerabilities

Cybercrime

A few days ago I got back from an AMTSO workshop in Munich. AMTSO is the Anti-Malware Testing Standards Organization, and I also wrote about it back in June. It’s essentially a coalition of organizations with an interest in improving anti-malware testing, and as you might expect, its current membership largely consists of security vendors and testers. Why would you expect that?

Science Applications International Corporation (SAIC) announced today that it has teamed with the University of Maryland (UMD) to support initiatives that promote education, research, and technology development in cybersecurity.

Webroot today announced it has acquired Prevx, a UK based provider of cloud-based anti-malware solutions.Prevx provides cloud-based antivirus protection and behavior-based malware detection, helping to block threats before they can reach a PC or corporate network.

The PCI Security Standards Council (PCI SSC), the industry standards body that oversees the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), this week released version 2.0 of the PCI DSS and PA-DSS.

F-Secure this week announced that that the newest version of its Messaging Security Gateway product now also offers 256 bit AES encryption for email, helping to protect sensitive data being shared between users and helping to comply with corporate security policies.

Symantec today released its October 2010 MessageLabs Intelligence Report, which showed that cybercriminals are increasingly launched targeted attacks.According to the report, targeted attacks have increased from one to two attacks per week in 2005 to 77 attacks per day in October 2010.

Privacy Breach Solution Targets Large and Complex Health Care ProvidersFairWarning, Inc., a company that provides solutions to monitor and protect Electronic Health Records, this week announced the availability of HP based high availability privacy breach solutions designed for very large and sophisticated care providers.Due to the escalating visibility and damages resulting from patient privacy breaches, breach detection is transitioning into a necessity for every care provider.

Juniper's Global Threat Center Will Focus Exclusively on Mobile ThreatsJuniper Networks this week announced the opening of the Juniper Global Threat Center in Columbus, Ohio to provide around-the-clock, global monitoring of mobile security threats to consumers and enterprises.

Study Shows Americans Support "Internet Kill Switch" - National Security Remains Top Concern for AmericansSixty-one percent of Americans said the President should have the ability to shut down portions of the Internet in the event of a coordinated malicious cyber attack, according to a recent study conducted by information technology giant, Unisys.

Report Reveals the Riskiest Web Domains to VisitWeb risk climbed to a record 6.2% of more than 27 million live domains evaluated for the 2010 Mapping the Mal Web report released today by McAfee. According to the report, the world’s most heavily trafficked web domain, .COM, is now the riskiest, with fifty-six percent of all risky sites discovered ending in .COM.

Smaller botnets are cheaper and easier to build out and operate, and criminals have already realized that large-scale botnets attract unwanted attention

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.

Cloud Security

Cloud Security

Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and...