Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Google launches Global Signal Exchange (GSE), an initiative aimed at fostering the sharing of online fraud and scam intelligence.

CISA and the FBI have issued a warning on Iranian phishing attacks targeting national political organizations and campaigns.

New York anti-bot firm says new investment will drive adoption of AI techniques and expand into digital account protection and media security.

How simplifying complexity, enhancing visibility, and empowering analysis can address key challenges in modern cybersecurity operations and investigations.

Casio says a recent cyberattack has caused some system disruptions and it’s investigating whether a data breach has occurred. 

Online summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies.

CreditRiskMonitor says hackers may have accessed personal information of employees and independent contractors. 

The EU has set up a system for imposing sanctions against people accused of cyberattacks, information manipulation or acts of sabotage on behalf of Russia.

The iPhone Mirroring feature in macOS Sequoia and iOS 18 may expose employees’ private applications to corporate IT environments.

Cyberespionage APT GoldenJackal has been targeting air-gapped systems at government organizations and embassies.

Ivanti says a few more CSA zero-day vulnerabilities have been found to be exploited in attacks where they are chained with CVE-2024-8963.

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn’s first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move
Microsoft AI Microsoft AI

Patch Tuesday: Redmond warns that attackers are rigging Microsoft Saved Console (MSC) files to execute remote code on targeted Windows systems. 

Qualcomm zero-day Qualcomm zero-day

Google and Amnesty have seen evidence that a Qualcomm chipset vulnerability tracked as CVE-2024-43047 may be exploited in the wild.

American Water Hacked American Water Hacked

The largest U.S. water utility disconnects customer portal and suspends billing services following a cyberattack.

Top Cybersecurity Headlines

The perfctl malware has been targeting vulnerabilities and misconfigurations in millions of Linux systems, likely infecting thousands.

The China-linked group Salt Typhoon hacked AT&T and Verizon, possibly compromising wiretap systems, according to WSJ.

Inside the collapse of IronNet: Some say the firm collapsed, in part, because it engaged in questionable business practices, produced subpar offerings, and could have been vulnerable to meddling by the Kremlin.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization’s data security and resilience.

Register

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

The Attack Surface Management Summit will dig into the transformative trends driving data security and provide insights and strategies to take full advantage of attack surface management technologies. (September 18, 2024)

Learn More

SecurityWeek’s Identity & Zero Trust Strategies Summit is laser focused on helping organizations to level up their Identity and Zero Trust security strategies. (Oct. 9, 2024)

Learn More

Vulnerabilities

Cybercrime

Microsoft today announced the availability of Forefront Endpoint Protection 2010 (FEP) public beta which now available to customers.The successor of Forefront Client Security, FEP 2010 is built on System Center Configuration Manager (SCCM) 2007 R2, allowing customers to use their existing client management infrastructure to deploy and manage endpoint protection.

Malware prevention provider FireEye and network forensics company Solera have announced a technology partnership to deliver an integrated security solution that will not only block an attack, but also help IT security professionals figure out exactly what happened after the fact.

The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.

Virtualization Security Risks - Government Agencies Worrying LessWorries about the security risks of virtualization – the number two barrier to adoption for Federal IT organizations last year – have fallen to seventh place, far behind more mundane concerns such as lack of staff and budget. According to a survey conducted by CDW Government LLC, state and local IT groups ranked even lower, in eighth place.

After hiring a computer forensics team to conduct an investigation, Buena Vista University (BVU) said today that a data breach has occurred on its campus, potentially exposing the personal information of 93,000 people. The compromised database contains records that date back to 1987 and includes names, Social Security numbers and some driver's license numbers for BVU students (applicants, former and current), parents, faculty/staff (current and former), alumni and even donor records.

Zeus Trojan - Targeting Verified by Visa and MasterCard SecureCode Security Programs during Online Banking SessionsSecure browsing services provider Trusteer, warned today that the Zeus (Zbot) continues to attack and is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs.

Multi-Stage Cyber Attacks GrowingCybercriminals are increasingly turning to multi-stage or “blended” attacks consisting of messaging combined with Web elements, according to a new report from Commtouch. Blended attacks use e-mail or search engine results to lure victims to bogus web sites, where the victims then encounter spam advertising, malware, or phishing scams.

Smarsh, a provider of managed email archiving and compliance solutions, introduced text message archiving to its platform today. With the new feature, companies can capture, index, monitor, preserve and produce SMS text messages, BlackBerry PIN-to-PIN and BlackBerry Messenger content for regulatory audits, e-discovery requests and other corporate governance uses.

GFI Software, a provider of software infrastructure products for small and medium-sized businesses, announced today that it has acquired security software provider Sunbelt Software. GFI was specifically interested in Sunbelt’s VIPRE product line. The assets of Sunbelt’s software distribution business, which are separate from the technology side of the company, will be divested into a separate entity, which the company plans to sell off or explore other strategic partnerships.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.