SecurityWeek

Latest Cybersecurity News

Apple said there’s “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.

Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. 

Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass.

Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.

The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.

A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.

The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.

A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.

Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.

GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.

Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.

People on the Move

Janet Rathod has been named VP and CISO at Johns Hopkins University.

Barbara Larson has joined SentinelOne as Chief Financial Officer.

Amy Howland has been named Partner and CISO at Guidehouse.

Exabeam has appointed Kish Dill as Chief Customer Success Officer.

Cloud networking firm Aviatrix has named John Qian as CISO.


Top Cybersecurity Headlines

Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.

Financial services giant Mastercard is acquiring Recorded Future from private equity firm Insight Partners for $2.6 billion.

Hackers believed to be operating on behalf of the Iranian government have deployed malware to Iraqi government networks. 

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Tacoma, Washington based IID (Internet Identity), a provider of technology and services that help organizations secure Internet presence, today announced the availability of a new border gateway protocol (BGP) security solution for the extended enterprise designed to detect, diagnose and mitigate BGP security threats.

Led by the team behind ModSecurity, Qualys today announced an open source web application firewall project dubbed “IronBee,” with the goal of producing a web application firewall sensor that is secure, high-performing, portable, and freely available – even for commercial use.

SonicWALL, a provider of network security and data protection solutions, today announced its SuperMassive™ E10000 Series of Next-Generation Firewalls (NGFW) featuring a multi-core architecture that utilizes up to 96 cores of processing power and delivering more than 40 Gbps of firewall throughput and over 30 Gbps of application control and Intrusion Prevention Service (IPS).

Rapid7, a Boston-based provider of vulnerability management and penetration testing solutions, today announced that its NeXpose product now provides full Adobe® Flash decompilation and analysis support. With the new feature, Rapid7’s Web application scanning goes beyond basic Flash support with the ability to discover more vulnerabilities and improve intelligence in Flash analysis.

Zscaler, a provider of cloud based security solutions, today unveiled Zscaler Mobile, a service designed to protect mobile devices from the ever-increasing number of threats to mobile devices. Combined with Zscaler's existing Web and email cloud security services, Zscaler Mobile enforces the same policy for users wherever they go, across all their devices. The platform supports leading smartphones and tablets including iPhone, iPad and Android devices.

Dell announced new Enterprise Mobility Services today, a line of services and solutions to help address strategic pain points that enterprises and CIOs are experiencing as critical challenges to their business as the work force becomes increasingly mobile. The new services and solutions announced today include:

EMC today announced that it has named Thomas P. Heiser as president of RSA, the Security Division of EMC. Heiser, a 26 year veteran of EMC and most recently serving as RSA's Chief Operating Officer, will continue day-to-day leadership of the division.

Many are familiar with the popular T.V. series’ fictional account of the NCIS (Naval Criminal Investigative Service). Real-life NCIS Acting Special Agent Kirk Greffin has been cracking down on white-collar crime, government corruption and contractor fraud. Greffen states, “A $10 million heist is a major crime, whether the money is taken with a gun or with a keyboard. Fraud victimizes every taxpayer. It wastes billions of tax dollars and erodes public confidence.

With an estimated one trillion devices that will be connected to the Internet by 2015, security vulnerabilities are emerging that companies need to address. Recognizing this trend, IBM today announced initiatives to extend security to the growing number of mobile and instrumented devices beyond an organization’s own walls, such as smartphones, ATMs, retail kiosks, traffic systems, meters, buildings and sensors.

Application Security

SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to,...