Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.

Retired U.S. Army General Paul M. Nakasone brings cybersecurity experience to OpenAI’s Board of Directors and Safety and Security Committee.

The increase in mass exploitation involving edge services and devices is likely to worsen.

Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.

Noteworthy stories that might have slipped under the radar: Overview of the ICS malware Fuxnet, Google accused of tracking users, scammers impersonate CISA staff.

Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software.

CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.

Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.

YesWeHack has raised more than $52 million to date to build and market a crowdsourced vulnerability reporting platform.

Pyte has raised $5 million for its secure computation platform, bringing the total investment in the company to $12 million. 

Protect AI warns of a dozen critical vulnerabilities in open source AI/ML tools reported via its bug bounty program.

People on the Move

Retired U.S. Army General and former NSA Director Paul M. Nakasone has joined the Board of Directors at OpenAI.

Jill Passalacqua has been appointed Chief Legal Officer at autonomous security solutions provider Horizon3.ai.

Cisco has appointed Sean Duca as CISO and Practice Leader for the APJC region.

Megan Samford named Chief Security Officer of Schneider Electric’s US National Security Agreements & US Federal Business.

Timothy Yost has been named Chief Financial Officer at BlueVoyant.

More People On The Move
Windows Recall security Windows Recall security

Microsoft is not rolling out Recall with Copilot+ PCs as it’s seeking additional feedback and working on improving security.

ICS vulnerabilities ICS vulnerabilities

Analysis and insights on the prevalence and impact of password exposure vulnerabilities in ICS and other OT products.

Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited

Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.

Top Cybersecurity Headlines

The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.

Apple has released a visionOS update that patches CVE-2024-27812, which may be the first flaw specific to the VR headset.

Arm warns that CVE-2024-4610, a Mali GPU kernel driver vulnerability addressed two years ago, is exploited in attacks.

Mandiant says a financially motivated threat actor has compromised hundreds of Snowflake instances using customer credentials stolen via infostealer malware that infected non-Snowflake owned systems.

Fortinet announces plans to acquire Lacework, a late-stage cloud security startup that was once listed as a “unicorn” company valued north of $1 billion.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn how you can transform your security strategy to build your organization’s resilience in the face of evolving threats.

Register

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

Cellcrypt, a provider of secure mobile voice calling technologies, today launched Cellcrypt Enterprise Gateway, enabling business users secure calls to office landlines from mobile phones. The enterprise solution is targeted to executives traveling to hostile countries where phone interception is prevalent.

PGP Corporation today announced that Stuart Hopper has joined the company as its new Director of EMEA Channels. Hopper will be responsible for leading PGP Corporation's channel program and team in EMEA as the company looks to expand its footprint across the region.

Botnets, Trojans and Phishing…Oh my! The dedicated researchers at Symantec are at it again, scaring the living daylights out of companies and consumers with overwhelming evidence that the web is indeed a dark and foreboding place.

NETGEAR, Inc. (NASDAQ:NTGR), a networking solutions provider, today announced the first business class firewall that provides in excess of 1 Gigabit per second (Gbps) performance for under $500. NETGEAR claims the new ProSafe Quad WAN Gigabit SSL VPN Firewall (SRX5308) delivers up to 1 Gbps of firewall throughput -- faster than competing solutions in its price class.

Swiss information security and identity management solutions provider, WISeKey, announced today that it has secured $20 million in pre-IPO financing. The investment values the company at $200 million and was led by a group of USA, European and Swiss institutional and private investors.

As the number of cyber attacks against businesses increases, the majority of small and medium-sized businesses (SMBs) are not familiar with many of the online threats they face. A recent study of executives and finance professionals from SMBs across 38 industry sectors in the United States showed that 63 percent worry about cyber theft, yet lack knowledge on how to protect their businesses.

Palo Alto Networks today announced that Michael E. Lehman has been appointed chief financial officer of the rapidly growing network security company. Lehman brings more than 35 years of senior-level financial management experience with technology companies, including CFO roles at Sun Microsystems.

Visa (NYSE:V) has announce that it will acquire online electronic payment and risk management provider, CyberSource Corporation, (NASDAQ:CYBS) in an approximately $2.0 billion cash transaction valuing CyberSource shares at $26.00 per share.

Symantec (Nasdaq: SYMC) today unveiled beta versions of the Norton 2011 AntiVirus and Norton 2011 Internet Security, available now as free download. With performance being a key objective in the latest releases, both products will include “System Insight 2.0” which alerts users when applications are significantly impacting their system resources.

Affinion Security Center, announced enhancements to its BreachShield service, aimed at preventing, detecting and resolving Identity Theft resulting from data breaches. The updates are focused on helping customers at risk for medical identity theft but available for all types of organizations that could experience a data breach.

Cyber warfare is a hot topic in the security industry, but what does this term actually mean? At what point does a cyber conflict become a cyber war? Are cyber threats, cyber attacks and cyber espionage acts of cyber war? Many of these questions need to be discussed – and that discussion is about to take place.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

A critical vulnerability tracked as CVE-2024-34359 and dubbed Llama Drama can allow hackers to target AI product developers.

Cloud Security