Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The Trump administration has disbanded the Cyber Safety Review Board (CSRB), ending one of the few bright spots at CISA.

DryRun Security has raised $8.7 million in a seed funding round for its AI-powered application security solutions. 

Doti’s platform uses AI to improve, automate, and streamline standard office and business processes across distributed and hybrid environments. 

Join Us in Shaping the Future of Supply Chain Security – Don’t miss this chance to be part of the conversation addressing one of the most pressing cybersecurity challenges .

APIs are easy to develop, simple to implement, and frequently attacked. They are  prime and lucrative targets for cybercriminals. 

$380,000 paid out on the first day of Pwn2Own Automotive 2025 for exploits targeting car infotainment units, operating systems, and chargers. 

The Mirai-based Murdoc botnet has been actively targeting Avtech and Huawei devices for roughly half a year.

Oracle has released 318 new security patches to address roughly 200 unique CVEs as part of its January 2025 Critical Patch Update.

Cloudflare saw a 53% increase in DDoS attack frequency last year, when it blocked a record-breaking 5.6 Tbps attack.

ABB has patched building control product vulnerabilities that can expose many facilities to remote attacks.

Part entrepreneurial adventure, part security history, Bernardo Quintero’s ‘Infected’ documents how the VirusTotal side project became a threat-intel cornerstone.

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

Anand Ramanathan has been appointed as Chief Product Officer at Deepwatch.

Managed security platform provider Deepwatch has appointed Sammie Walker as CMO.

More People On The Move
DDoS attack DDoS attack

Cloudflare saw a 53% increase in DDoS attack frequency last year, when it blocked a record-breaking 5.6 Tbps attack.

PowerSchool data breach PowerSchool data breach

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.

HPE hacked HPE hacked

HPE is investigating claims by the hacker IntelBroker, who is offering to sell source code and other data allegedly stolen from the tech giant.

Top Cybersecurity Headlines

The Treasury Department announced sanctions in connection with a massive Chinese hack of American telecommunications companies and a breach of its own computer network.

In 2024 organizations informed the US government about 720 healthcare data breaches affecting a total of 186 million user records.

Jen Easterly hopes CISA is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Explore trends and technologies that will shape the future of cybersecurity. Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 2025, Stay Tuned]

Learn More

SecurityWeek’s CISO Forum Summer Summit & Golf Classic will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.(February 26, 2025)

Learn More

Supply Chain Security Summit
Join us as we explore the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. (March 19, 2025)

Learn More

Vulnerabilities

Cybercrime

Malware prevention provider FireEye and network forensics company Solera have announced a technology partnership to deliver an integrated security solution that will not only block an attack, but also help IT security professionals figure out exactly what happened after the fact.

The anti-malware industry sometimes sees more complicated problems than you might imagine, and they can’t all be fixed by tweaking detection algorithms or giving the marketing team a productivity bonus.

Virtualization Security Risks - Government Agencies Worrying LessWorries about the security risks of virtualization – the number two barrier to adoption for Federal IT organizations last year – have fallen to seventh place, far behind more mundane concerns such as lack of staff and budget. According to a survey conducted by CDW Government LLC, state and local IT groups ranked even lower, in eighth place.

After hiring a computer forensics team to conduct an investigation, Buena Vista University (BVU) said today that a data breach has occurred on its campus, potentially exposing the personal information of 93,000 people. The compromised database contains records that date back to 1987 and includes names, Social Security numbers and some driver's license numbers for BVU students (applicants, former and current), parents, faculty/staff (current and former), alumni and even donor records.

Zeus Trojan - Targeting Verified by Visa and MasterCard SecureCode Security Programs during Online Banking SessionsSecure browsing services provider Trusteer, warned today that the Zeus (Zbot) continues to attack and is targeting online banking customers of 15 leading US financial institutions by exploiting two trusted credit card security programs.

Multi-Stage Cyber Attacks GrowingCybercriminals are increasingly turning to multi-stage or “blended” attacks consisting of messaging combined with Web elements, according to a new report from Commtouch. Blended attacks use e-mail or search engine results to lure victims to bogus web sites, where the victims then encounter spam advertising, malware, or phishing scams.

Smarsh, a provider of managed email archiving and compliance solutions, introduced text message archiving to its platform today. With the new feature, companies can capture, index, monitor, preserve and produce SMS text messages, BlackBerry PIN-to-PIN and BlackBerry Messenger content for regulatory audits, e-discovery requests and other corporate governance uses.

GFI Software, a provider of software infrastructure products for small and medium-sized businesses, announced today that it has acquired security software provider Sunbelt Software. GFI was specifically interested in Sunbelt’s VIPRE product line. The assets of Sunbelt’s software distribution business, which are separate from the technology side of the company, will be divested into a separate entity, which the company plans to sell off or explore other strategic partnerships.

Social Networking in the Workplace - Workplace Social Networking creating security issues for corporate networksThe use of social networks by workers on the job has increased again, with usage patterns that may create new security issues for corporate networks.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

DryRun Security has raised $8.7 million in a seed funding round for its AI-powered application security solutions. 

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.