Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.

SonicWall warns that a simple GET request is enough to exploit a recent Splunk Enterprise vulnerability.

Over a dozen tech and cloud companies have created a new coalition for advancing security measures for AI.

Noteworthy stories that might have slipped under the radar: threats and risks to 2024 Summer Olympics, cybersecurity funding soars, Cellebrite hacked Trump shooter’s phone. 

The personal and health information of 12.9 million was stolen in a ransomware attack at Australian digital prescription services provider MediSecure.

SolarWinds has released patches for 13 vulnerabilities in Access Rights Manager, including eight critical bugs.

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

The Pwn2Own hacking competition is moving to Ireland and $300,000 is being offered for a zero-click exploit against WhatsApp. 

The risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach.

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

CISA has appointed Jeff Greene as Executive Assistant Director for Cybersecurity and Trent Frazier as Assistant Director for Stakeholder Engagement.

David Chétrit has been appointed the CEO of Kudelski Security.

More People On The Move
CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that trigged massive IT outages across the globe on Friday.  

CrowdStrike Remediation Information CrowdStrike Remediation Information

CrowdStrike says a routine sensor configuration update pushed to Windows OS triggered a logic error that blue-screened computers worldwide.

CrowdStrike BSOD outage CrowdStrike BSOD outage

Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.

Top Cybersecurity Headlines

Teixeira, who was part of the 102nd Intelligence Wing at Otis Air National Guard Base in Massachusetts, worked as a cyber transport systems specialist.

Researchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic. 

Pharmacy chain Rite Aid says 2.2 million people are impacted by a recent data breach for which the RansomHub group has taken credit.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s annual cloud security virtual summit returns with a deliberate focus on exposed attack surfaces and weaknesses in public cloud infrastructure and APIs.

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

Learn More

Vulnerabilities

Cybercrime

In a trend that mirrors the invasion of the corporate world in the 1980’s by personal computers, today’s employees are beginning to use consumer-oriented technology like the iPhone and Facebook to do business – and this means stress and trouble for IT security professionals.

IT security firm Sophos this week issued new guidance on a Windows Zero Day vulnerability that is already being used to target critical infrastructure systems, including power grids. Exploit code for what Sophos terms the "CPLINK" vulnerability is widely available. In response to the situation, the SANS Institute has taken the uncommon step of raising its industry Infocon vulnerability alert level.

Microsoft today announced the availability of Forefront Endpoint Protection 2010 (FEP) public beta which now available to customers.The successor of Forefront Client Security, FEP 2010 is built on System Center Configuration Manager (SCCM) 2007 R2, allowing customers to use their existing client management infrastructure to deploy and manage endpoint protection.

Malware prevention provider FireEye and network forensics company Solera have announced a technology partnership to deliver an integrated security solution that will not only block an attack, but also help IT security professionals figure out exactly what happened after the fact.

The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.

Virtualization Security Risks - Government Agencies Worrying LessWorries about the security risks of virtualization – the number two barrier to adoption for Federal IT organizations last year – have fallen to seventh place, far behind more mundane concerns such as lack of staff and budget. According to a survey conducted by CDW Government LLC, state and local IT groups ranked even lower, in eighth place.

After hiring a computer forensics team to conduct an investigation, Buena Vista University (BVU) said today that a data breach has occurred on its campus, potentially exposing the personal information of 93,000 people. The compromised database contains records that date back to 1987 and includes names, Social Security numbers and some driver's license numbers for BVU students (applicants, former and current), parents, faculty/staff (current and former), alumni and even donor records.

Zeus Trojan - Targeting Verified by Visa and MasterCard SecureCode Security Programs during Online Banking SessionsSecure browsing services provider Trusteer, warned today that the Zeus (Zbot) continues to attack and is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs.

Multi-Stage Cyber Attacks GrowingCybercriminals are increasingly turning to multi-stage or “blended” attacks consisting of messaging combined with Web elements, according to a new report from Commtouch. Blended attacks use e-mail or search engine results to lure victims to bogus web sites, where the victims then encounter spam advertising, malware, or phishing scams.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization.

Cloud Security

Cloud Security

Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and...