Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection.

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

Nexusflow scores funding to build an open-source LLM that can deliver high accuracy when retrieving data from multiple security sources.

Noteworthy stories that might have slipped under the radar: new RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea. 

A group of academic researchers devised a technique to extract sounds from still images captured using smartphone cameras with rolling shutter and movable lens structures.

The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems.

CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog.

Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations. 

Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself.

A sharply divided privacy oversight board is recommending that the FBI and other agencies be required to get court approval before reviewing the communications of U.S. citizens collected through a secretive foreign surveillance program.

NIST has published the final version of the SP 800-82 Revision 3 guide to operational technology (OT) security.

The FBI warns organizations of cyberattacks that employ multiple ransomware families or deploy dormant data wipers.

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

NSA Artificial Intelligence Center NSA Artificial Intelligence Center

The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems.

Johnson Controls ransomware Johnson Controls ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

China Hacks China Hacks

The US State Department said that hackers took around 60,000 emails in an attack which Microsoft has blamed on China.

Top Cybersecurity Headlines

Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection.

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

Nexusflow scores funding to build an open-source LLM that can deliver high accuracy when retrieving data from multiple security sources.

Noteworthy stories that might have slipped under the radar: new RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea. 

SecurityWeek Industry Experts

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Upcoming Virtual Events

Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More
Threat Detection and Incident Response Summit

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence. (May 24, 2023)

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)

Learn More

As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)

Learn More

Vulnerabilities

Cybercrime

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions.

Cloud Security

Cloud Security

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.