SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

Meta Takes Action Against Multiple Foreign Influence Campaigns

Meta removed three foreign influence operations from the Facebook platform during Q3, 2023. Two were Chinese in origin, and one was Russian, the company says. 

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. 

Black Basta Ransomware Group Received Over $100 Million From 90 Victims

The Black Basta ransomware group has infected over 300 victims and received more than $100 million in ransom payments.

US Sanctions Cryptocurrency Mixer Sinbad for Aiding North Korean Hackers

US Treasury sanctions Sinbad, saying the cryptocurrency mixer is laundering funds for North Korean hacking group Lazarus.

Palo Alto Networks Unveils New Rugged Firewall for Industrial Environments 

Palo Alto Networks has launched a new rugged firewall for industrial environments and announced several OT security improvements.

Dollar Tree Impacted by ZeroedIn Data Breach Affecting 2 Million Individuals

ZeroedIn says personal information of 2 million individuals was compromised in an August 2023 data breach that impacts customers such as Dollar Tree.

Google’s RETVec Open Source Text Vectorizer Bolsters Malicious Email Detection

Google shows how RETVec, a new and open source text vectorizer, can improve the detection of phishing attacks, spam and other harmful content.

CISA Debuts ‘Secure by Design’ Alert Series

New CISA alerts shed light on the harm occurring when software vendors fail to implement secure by design principles.

Hundreds of Malicious Android Apps Target Iranian Mobile Banking Users

Zimperium has identified over 200 information-stealing Android applications targeting mobile banking users in Iran.

SecurityWeek to Host Cyber AI & Automation Summit on December 6th

Virtual conference will explore cybersecurity use-cases for AI technology and the race to protect LLM algorithms from adversarial use.

Keyless Goes Independent, Raises $6M for Biometric Authentication

British startup building biometric authentication technology has snagged $6 million in a new round of funding led by Rialto Ventures.

Okta Broadens Scope of Data Breach: All Customer Support Users Affected

Okta expands scope of October breach, saying hackers stole names and email addresses of all its customer support system users.

New BLUFFS Bluetooth Attack Methods Can Have Large-Scale Impact: Researcher

An academic researcher demonstrates BLUFFS, six novel attacks targeting Bluetooth sessions’ forward and future secrecy.

CISA Warns of Unitronics PLC Exploitation Following Water Utility Hack

After hackers compromised ICS at a US water utility, CISA issued a warning over the exploitation of the targeted Unitronics PLC.

Google Patches Seventh Chrome Zero-Day of 2023

The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023.

Qlik Sense exploited by ransomware Qlik Sense exploited by ransomware

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. 

Okta Broadens Scope of Data Breach: All Customer Support Users Affected

Okta expands scope of October breach, saying hackers stole names and email addresses of all its customer support system users.

Chrome zero-day exploited Chrome zero-day exploited

Google Patches Seventh Chrome Zero-Day of 2023

The latest Chrome security update addresses the seventh exploited zero-day vulnerability documented in the browser in 2023.

Top Cybersecurity Headlines

Meta Takes Action Against Multiple Foreign Influence Campaigns

Meta removed three foreign influence operations from the Facebook platform during Q3, 2023. Two were Chinese in origin, and one was Russian, the company…

Qlik Sense Vulnerabilities Exploited in Ransomware Attacks

Qlik Sense vulnerabilities CVE-2023-41266, CVE-2023-41265 and CVE-2023-48365 exploited for initial access in Cactus ransomware attacks. 

Black Basta Ransomware Group Received Over $100 Million From 90 Victims

The Black Basta ransomware group has infected over 300 victims and received more than $100 million in ransom payments.

US Sanctions Cryptocurrency Mixer Sinbad for Aiding North Korean Hackers

US Treasury sanctions Sinbad, saying the cryptocurrency mixer is laundering funds for North Korean hacking group Lazarus.

SecurityWeek Industry Experts

More Expert Insights

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Cyber AI & Automation Summit

Wednesday, December 6, 2023

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Register

Webinar: Scaling Software Supply Chain Security: Driving Actionable SBOM Management with the OpenSSF S2C2F OSS Specification

On Demand

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Watch Now
Mergers And Acquisitions
Topics for 2023 Cybersecurity Insights Series
Hacker Conversations: Interview with Chris Wysopal, AKA Weld Pond
CISO Conversations: Cloud Security Firms

Upcoming Virtual Events

CISOs and risk management leaders must understand clearly the role of cyber insurance in a robust security program, ongoing changes to premiums and policy pricing, the errors that could deny coverage and how it all fits into global incident response planning.

Learn More
Cyber AI & Automation Summit

SecurityWeek’s inaugural Cyber AI & Automation Summit pushes the boundaries of security discussions by exploring the implications and applications of predictive AI, machine learning, and automation in modern cybersecurity programs.

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place in 2023 as a virtual event. (June 13-14, 2023)

Learn More

As CISOs and corporate defenders grapple with the intricacies of securing sensitive data passing through multi-cloud deployments and APIs, the importance of frameworks, tools, controls and design models have surfaced to the front burner. (July 19, 2023)

Learn More

Vulnerabilities

Cybercrime

Biden Campaign Looking for CISO

The Biden for President campaign is looking for a cybersecurity chief to “define the organization's risk appetite” and manage its cybersecurity and IT initiatives.

More Articles
Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

Application Security Startup Aikido Security Raises €5 Million

Aikido Security has raised €5 million (~$5.4 million) in seed funding for an all-in-one application security platform.

November 15, 2023
Adobe Acrobat vulnerability exploited

Application Security

Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion
API Security Threats: 2023

Application Security

Top 10 API Security Threats for Q3 2023
PyPI Packages Found to Expose Thousands of Secrets

Application Security

PyPI Packages Found to Expose Thousands of Secrets

Cloud Security

Amazon One Enterprise Amazon One Enterprise

Cloud Security

Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets

AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.

2 days ago
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets

Cloud Security

Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
Data Security Firm ALTR Banks $25M Series C 

Cloud Security

Data Security Firm ALTR Banks $25M Series C 
VMware zero-day CVE-2023-20867 exploited

Cloud Security

Critical Authentication Bypass Flaw in VMware Cloud Director Appliance