Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

How simplifying complexity, enhancing visibility, and empowering analysis can address key challenges in modern cybersecurity operations and investigations.

Casio says a recent cyberattack has caused some system disruptions and it’s investigating whether a data breach has occurred. 

Online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

CreditRiskMonitor says hackers may have accessed personal information of employees and independent contractors. 

The EU has set up a system for imposing sanctions against people accused of cyberattacks, information manipulation or acts of sabotage on behalf of Russia.

The iPhone Mirroring feature in macOS Sequoia and iOS 18 may expose employees’ private applications to corporate IT environments.

Cyberespionage APT GoldenJackal has been targeting air-gapped systems at government organizations and embassies.

Ivanti says a few more CSA zero-day vulnerabilities have been found to be exploited in attacks where they are chained with CVE-2024-8963.

ICS security advisories were published on Tuesday by Siemens, Schneider Electric, Phoenix Contact and CERT@VDE.

Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. 

Adobe documents 25 vulnerabilities in Adobe Commerce and warns of code execution and privilege escalation exposure.

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move
Microsoft AI Microsoft AI

Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. 

Qualcomm zero-day Qualcomm zero-day

Google and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.

American Water Hacked American Water Hacked

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

Top Cybersecurity Headlines

The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands.

The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Privacy Breach Solution Targets Large and Complex Health Care ProvidersFairWarning, Inc., a company that provides solutions to monitor and protect Electronic Health Records, this week announced the availability of HP based high availability privacy breach solutions designed for very large and sophisticated care providers.Due to the escalating visibility and damages resulting from patient privacy breaches, breach detection is transitioning into a necessity for every care provider.

Juniper's Global Threat Center Will Focus Exclusively on Mobile ThreatsJuniper Networks this week announced the opening of the Juniper Global Threat Center in Columbus, Ohio to provide around-the-clock, global monitoring of mobile security threats to consumers and enterprises.

Study Shows Americans Support "Internet Kill Switch" - National Security Remains Top Concern for AmericansSixty-one percent of Americans said the President should have the ability to shut down portions of the Internet in the event of a coordinated malicious cyber attack, according to a recent study conducted by information technology giant, Unisys.

Report Reveals the Riskiest Web Domains to VisitWeb risk climbed to a record 6.2% of more than 27 million live domains evaluated for the 2010 Mapping the Mal Web report released today by McAfee. According to the report, the world’s most heavily trafficked web domain, .COM, is now the riskiest, with fifty-six percent of all risky sites discovered ending in .COM.

Smaller botnets are cheaper and easier to build out and operate, and criminals have already realized that large-scale botnets attract unwanted attention

Cloud Service SLA Survival Tips - What should you be asking your cloud provider?So you’ve decided to test the waters of cloud computing, but you have some concerns. You don’t know what you don’t know. Let’s start with a few tips you may want to consider when defining your SLA with the Cloud Provider.

Danish private equity firm Dansk Kapitalanlæg has acquired a 31 percent stake in Copenhagen based IT security company, Secunia.Secunia provides on vulnerability intelligence and vulnerability management tools to help companies secure applications and networks.

Worldwide revenue for mobile security client software grew 16% between the first and second quarter of 2010, according to Infonetics Research, a market research firm.Infonetics' Security Client Software report provides regional and worldwide market size, select market share, forecasts through 2014, and analysis for security client software for consumer and enterprise desktops/laptops, and for mobile security clients, including data protection clients for smartphones.Some excerpts from its updated 2010 report:

WhiteHat Security, a provider of website risk management solutions, unveiled its Threat Research Center (TRC) this week. The company has assembled a team of website security gurus to operate as an extension of an organization's information security team.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.