Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Microsoft says roughly 8.5 million Windows devices were impacted by the faulty software update from CrowdStrike, and published a tool to help admins through the recovery process.

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.

SonicWall warns that a simple GET request is enough to exploit a recent Splunk Enterprise vulnerability.

Over a dozen tech and cloud companies have created a new coalition for advancing security measures for AI.

Noteworthy stories that might have slipped under the radar: threats and risks to 2024 Summer Olympics, cybersecurity funding soars, Cellebrite hacked Trump shooter’s phone. 

The personal and health information of 12.9 million was stolen in a ransomware attack at Australian digital prescription services provider MediSecure.

SolarWinds has released patches for 13 vulnerabilities in Access Rights Manager, including eight critical bugs.

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

The Pwn2Own hacking competition is moving to Ireland and $300,000 is being offered for a zero-click exploit against WhatsApp. 

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

David Chétrit has been appointed the CEO of Kudelski Security.

More People On The Move
CrowdStrike IT Recovery Tool CrowdStrike IT Recovery Tool

Microsoft says roughly 8.5 million Windows devices were impacted by the faulty software update from CrowdStrike, and published a tool to help admins through the recovery process.

CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

Top Cybersecurity Headlines

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

Teixeira, who was part of the 102nd Intelligence Wing at Otis Air National Guard Base in Massachusetts, worked as a cyber transport systems specialist.

Researchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic. 

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs.

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

Learn More

Vulnerabilities

Cybercrime

Undersecretary of Defense William J. Lynn has published an essay in Foreign Affairs magazine redefining the United States’ stance towards cyberwarfare, and he’s already getting shot at – primarily by IT pundits who find it hard to believe that the incident which led to the Pentagon’s recognizing cyberspace as a new “domain of warfare” could have really happened as described.

The Wall Street Journal reported this morning that security and compliance solutions firm ArcSight Inc., is putting itself up for sale.Bidders reportedly include Oracle Corp., Hewlett-Packard Co., EMC Co., IBM Corp., and CA Inc. ArcSight could fetch $1.5 billion, according to the WSJ.

Workers denied access to certain websites at work are not afraid to voice their frustrations, a new survey shows.According to a recent survey, forty percent of chief information officers (CIOs) interviewed said that it's at least somewhat common for employees to complain about security measures that limit which websites or networks they can visit at the office.

3PAR Accepts Dell’s Increased Price of $27 Per Share, with Total Value of $1.8 Billion Update: 9/2/2010 3Par Accepts HP's $2.4 Billion Bid, Dell Walks Away with $73 MillionUpdate: 10:27AM - HP raised its offer to $30 per share or $1.88 Billion

DNSSEC - The root is signed with DNSSEC. So what does this mean? Can we all relax? Is the Internet secure now?In July, ICANN, VeriSign and the NTIA generated and published the cryptographic keys used to sign the domain name system's root zone. This so-called "trust anchor" will eventually be relied upon by the entire DNS and used to protect billions of Internet users against several types of online attack, bringing a new foundation of security to the Internet's fundamental...

In 2010, 25 percent of new worms have been specifically designed to spread through USB storage devices when connected to computers.These types of threats can copy themselves to any device capable of storing information such as cell phones, external hard drives, DVDs, flash memories and MP3/4 players.

Mobile Application Development - Security Concerns Slowing Development and AdoptionConcerns about security issues are preventing companies from implementing features on mobile applications that are commonly available for the desktop, according to a new Ziff Davis study commissioned by Entrust, Inc. For mobile applications that feature transaction-based capabilities, these concerns are particularly acute.

SonicWALL, Inc. today announced the addition of two new secure wireless access points to its SonicPoint™ Series. These new devices are designed to provide clean wireless connections through integration with a collection of existing SonicWALL products: Gateway Anti-Virus, Intrusion Prevention, Anti-Spyware and Content Filtering.

A survey conducted at the recent DEF CON Hacker conference in Las Vegas revealed that hackers see the cloud as an attractive hacking target.The survey, carried out amongst 100 of the IT professionals attending DEF CON, revealed that 96 percent think the cloud will open up more hacking opportunities for them.

Afilias, a global provider of Internet infrastructure services, today announced that it will deploy Domain Name System Security Extensions (DNSSECs) across its registry platforms, signing 13 more top-level domains (TLDs) and increasing the total number of DNSSEC deployments among domain registries to 39.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.

Cloud Security

Cloud Security

Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and...