SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Bankrupt IronNet Shuts Down Operations

Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection.

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

Generative AI Startup Nexusflow Raises $10.6 Million

Nexusflow scores funding to build an open-source LLM that can deliver high accuracy when retrieving data from multiple security sources.

In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea

Noteworthy stories that might have slipped under the radar: new RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea. 

Researchers Extract Sounds From Still Images on Smartphone Cameras

A group of academic researchers devised a technique to extract sounds from still images captured using smartphone cameras with rolling shutter and movable lens structures.

National Security Agency is Starting an Artificial Intelligence Security Center

The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems.

CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks

CISA has added CVE-2018-14667, an old critical JBoss RichFaces flaw to its known exploited vulnerabilities catalog.

Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks

Hackers have set their sights on CVE-2023-34468, an RCE vulnerability in Apache NiFi that impacts thousands of organizations. 

Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers

Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself.

A Key US Government Surveillance Tool Should Face New Limits, a Divided Privacy Oversight Board Says

A sharply divided privacy oversight board is recommending that the FBI and other agencies be required to get court approval before reviewing the communications of U.S. citizens collected through a secretive foreign surveillance program.

NIST Publishes Final Version of 800-82r3 OT Security Guide

NIST has published the final version of the SP 800-82 Revision 3 guide to operational technology (OT) security.

FBI Warns Organizations of Dual Ransomware, Wiper Attacks

The FBI warns organizations of cyberattacks that employ multiple ransomware families or deploy dormant data wipers.

Johnson Controls Hit by Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

NSA Artificial Intelligence Center NSA Artificial Intelligence Center

National Security Agency is Starting an Artificial Intelligence Security Center

The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems.

Johnson Controls ransomware Johnson Controls ransomware

Johnson Controls Hit by Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

China Hacks China Hacks

US State Department Says 60,000 Emails Taken in Alleged Chinese Hack

The US State Department said that hackers took around 60,000 emails in an attack which Microsoft has blamed on China.

Top Cybersecurity Headlines

Bankrupt IronNet Shuts Down Operations

Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection.

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

Generative AI Startup Nexusflow Raises $10.6 Million

Nexusflow scores funding to build an open-source LLM that can deliver high accuracy when retrieving data from multiple security sources.

In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea

Noteworthy stories that might have slipped under the radar: new RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea. 

SecurityWeek Industry Experts

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Webinar: Beyond VPN Replacement: Other ZTNA superpowers CISOs Should Know

Tuesday, August 22, 2023

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Webinar: Scaling Software Supply Chain Security: Driving Actionable SBOM Management with the OpenSSF S2C2F OSS Specification

Thursday, September 7, 2023

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register
Mergers And Acquisitions
Topics for 2023 Cybersecurity Insights Series
Interview Casey Ellis
CISO Conversations: Cloud Security Firms

Upcoming Virtual Events

Zero Trust Strategies Summit

Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.

Learn More
Threat Detection and Incident Response Summit

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence. (May 24, 2023)

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)

Learn More

As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)

Learn More

Vulnerabilities

Cybercrime

More Articles
Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Stolen GitHub Credentials Used to Push Fake Dependabot Commits

Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions.

4 days ago
Google Open Sources Binary File Comparison Tool BinDiff

Application Security

Google Open Sources Binary File Comparison Tool BinDiff
CrowdStrike to Acquire Application Intelligence Startup Bionic

Application Security

CrowdStrike to Acquire Application Intelligence Startup Bionic
CISA Releases Open Source Software Security Roadmap

Application Security

CISA Releases Open Source Software Security Roadmap

Cloud Security

AWS MadPot honeypot AWS MadPot honeypot

Cloud Security

AWS Using MadPot Decoy System to Disrupt APTs, Botnets

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm.

2 days ago
Sysdig Launches Realtime Attack Graph for Cloud Environments

Cloud Security

Sysdig Launches Realtime Attack Graph for Cloud Environments
Gem Security Lands $23 Million Series A Funding

Cloud Security

Gem Security Lands $23 Million Series A Funding
Intel Trust Authority attestation

Cloud Security

Intel Launches New Attestation Service as Part of Trust Authority Portfolio