CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

More than 100 Cisco products are affected by an NX-OS vulnerability that allows attackers to bypass image signature verification.

Development firm Chemonics International has disclosed a year-old data breach impacting over 260,000 people.

System Two Security has emerged from stealth mode with a threat detection engineering solution and $7 million in seed funding.

A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign.

UK telecoms company BT has launched an investigation after the Black Basta ransomware group claimed the theft of 500 Gb of data.

Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.

Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets.

Crimenetwork, the largest German-speaking online crime marketplace, has been shut down and one of its admins has been arrested.

Tuskira is working on an AI-powered security mesh promising to integrate fragmented security tools and mitigate risk exposure in real time.

A second vulnerability in Zyxel firewalls has been exploited in Helldown ransomware attacks over the past weeks.

Government agencies issue guidance on Chinese telecoms hacking as US officials say threat actors may have yet to be expelled. 

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

Video platform Vimeo has appointed Ryan Weeks as Chief Information Security Officer.

LPL Financial has welcomed Renana Friedlich as Chief Information Security Officer.

More People On The Move
China Telecom Hack China Telecom Hack

A top White House official said at least eight U.S. telecom firms and dozens of nations have been impacted by a Chinese hacking campaign.

Russian APT zero-day Russian APT zero-day

Russia’s Turla hackers hijacked 33 command servers operated by Pakistani hackers who had themselves breached Afghanistan and Indian targets.

Solana Web3 supply chain attack Solana Web3 supply chain attack

Supply chain attack leads to decentralized application developers downloading backdoored versions of the Solana Web3.js library.

Top Cybersecurity Headlines

McInerney’s path to becoming a hacker is subtly different to many other hackers. He started as a 22-year old psychology graduate rather than a computer-obsessed 9-year old kid.

The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.

Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by the US for ransomware attacks against critical infrastructure.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack Demonstration to learn how hackers operate and gain knowledge to strengthen your defenses against deepfake and BEC fraud.

Register

Learn how to develop a holistic solution that provides you and your team the power to mitigate cyber threats effectively within your OT environment.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

Huddle with your peers to measure the costs, benefits, and risks of deploying machine learning and predictive AI tools in the enterprise, the threat from adversarial AI and deepfakes, and preparation for the inevitable compliance and regulations. (December 4, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Netherlands-based DigiNotar, a subsidiary of VASCO Data Security, disclosed that an intrusion into its Certificate Authority (CA) infrastructure resulted in the fraudulent issuance of SSL certificates for several domains, including Google.com and CIA.gov.The fraudulent SSL certificate could be used by an attacker to masquerade as any subdomain of google.com, and could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against Web browsers.

Today at VMworld Dell announced its first public and hybrid cloud offering, with the availability of the Dell Cloud based on VMware vCloud Datacenter Services. Designed to provide a multi-tenant environment for running virtual systems, the new cloud services from Dell offer enterprise-class, secure, public, private and hybrid clouds.

Hurricane Irene Scams: Be Cautious as Cybercriminals Look to CapitalizeAs hurricane Irene makes landfall, we once again find ourselves on the brink of a natural disaster triggering millions of people to search the Web and social media channels for news and additional information, both out of necessity, and curiosity. Such events are prime opportunities for scammers and other cybercriminals to line their pockets.

Anonymous & San Francisco’s BART ProtestsI was in the middle of my high school years when the song “San Francisco (Be Sure to Wear Some Flowers in Your Hair)” by The Mamas & the Papas became an instant hit in the United States, England and most of Europe. It even became a rallying song for Czechoslovakia’s 1968 Prague Spring uprising. The world changed.

Managing Risks of Social Media in the EnterpriseBetween the launch of Google + and recent announcements from Twitter and Facebook, social network security has been front and center in the press during the past several days. While the changes are unlikely to diminish attackers’ interest in social networks, the talk about privacy once again underscores the importance of developing sound acceptable use policies for your organization.

Verizon today said that it has acquired CloudSwitch, a provider of cloud software technology that helps enterprises move applications or workloads between company data centers and the cloud more easily and securely.

Mobile Network in a Carrying Case Brings Warfighters Transportable Communications CapabilitiesWarfighters around the world may soon be carrying around a case that contains a powerful and sophisticated suite of communications gear that can outfit military vehicles to make them more versatile and provide access to various networks without having to fill trucks with racks of equipment.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

GitHub has launched a $1.25 million fund to be invested in improving the security of 125 open source projects.

Cloud Security

Cloud Security

Veeam releases patches for two vulnerabilities in Service Provider Console, including a critical-severity remote code execution bug.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.