Now on Demand: CISO Forum Virtual Summit - All Sessions Available to Watch Instantly
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Iran-linked Charming Kitten hackers have been running a ‘dream job’ campaign targeting the aerospace industry with the SnailResin malware.

Cyber risk management solutions provider Bitsight is acquiring threat intelligence firm Cybersixgill for $115 million.

Security researcher investigated Microsoft Power Pages installations and found several with misconfigurations allowing unintentional access to confidential data.

Two Nigerian nationals, one in Mexico and one in North Dakota, have been charged for hacking into the systems of US tax preparation companies.

CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on specific targets.

Robert Purbeck was sentenced to 10 years in prison for stealing the personal information of over 132,000 people.

The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them.

NIST says all known exploited CVEs in the backlog have been addressed, but admitted that clearing the entire backlog by October was optimistic.

Cybereason Chairman & CEO Eric Gan believes the merger could help its existing success in some international markets.

Exploitation attempts targeting CVE-2024-10914, a recently disclosed ‘won’t fix’ vulnerability affecting outdated D-Link NAS devices. 

Google Cloud will be assigning CVE identifiers to serious cloud vulnerabilities, even ones that don’t require patching.

People on the Move

Secure enterprise browser provider Menlo Security has appointed Bill Robbins as President.

Erik Rolf has joined Booz Allen Hamilton as the Business Information Security Officer (BISO) of Commercial Sector.

Gant Redmon has joined Trustle as its new Chief Executive Officer and Board Director.

Application security firm Black Duck has appointed Sean Forkan as Chief Revenue Officer.

Jared Bartel has been named CISO at Idaho State University.

More People On The Move
Windows zero-day Windows zero-day

The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them.

Microsoft Power Platform vulnerability Microsoft Power Platform vulnerability

Patch Tuesday: Microsoft patches 90 security flaws across the Windows ecosystem and warns of zero-day exploitation and code execution risks.

Ahold Delhaize USA cybersecurity Ahold Delhaize USA cybersecurity

Cybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services.

Top Cybersecurity Headlines

In its latest financial report, Halliburton said the recent cybersecurity incident has so far cost the company $35 million.

CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog.

North Korean cryptocurrency thieves caught targeting macOS with fake PDF applications, backdoors and new persistence tactics.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Independent audit verifies that AWS meets detailed standards for security best practices and controls Amazon Web Services today announced it has achieved ISO 27001 certification for its AWS infrastructure, data centers and services, including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Simple Storage Service (Amazon S3) and Amazon Virtual Private Cloud (Amazon VPC).

AT&T Offers Mobile Device Management Solution from MobileIron to Help Manage and Secure Mobile Devices in the WorkplaceAT&T today announced a new service to help businesses and organizations provide over-the-air protection and control for smartphones being used within an organization.

A report released today by Imperva, a provider of data security solutions, shares predictions on what we could expect to see in 2011 and is designed to inform and help IT security professionals defend their organization against the next onslaught of cyber security threats.Imperva's research team predicts IT security professionals will see the following in 2011:

A study released today shows that the financial services, technology and healthcare industries are seeing the greatest adoption of the iPad for business use.The report came from Good Technology, a provider of enterprise mobility solutions, which analyzed its customer base, which includes over 4,000 enterprise customers, whose iPad deployments range from one to over 1,000 iPads. "We took a close look at our customers who have deployed iPad devices so far," said John Herrema, senior vice president of corporate strategy at Good...

Community Information-Sharing Website to Advance Knowledge of Security Incidents via Anonymous ReportingVerizon has launched a Web site designed to collect and share information about security incidents that can be voluntarily and anonymously reported by participating organizations around the globe.

Will Oracle Acquire CSC?Will Larry Ellison pull out his wallet yet again to make another large acquisition? Does Oracle have CSC in its sights? Tips suggest that this may be the case and that Oracle is possibly looking to acquire services giant CSC.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Security researcher investigated Microsoft Power Pages installations and found several with misconfigurations allowing unintentional access to confidential data.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.