Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Latest Cybersecurity News

The 22-year-old Air National Guard member admitted illegally collecting some of the nation’s most sensitive secrets and sharing them with other users on Discord.

With over 180,000 users, Crimemarket was a trading hub for narcotics, cybercrime tools, and crimeware guides.

A high-severity vulnerability in HikCentral Professional could lead to unauthorized access to certain URLs.

Webinar will provide valuable insights from Honeywell professionals who will guide you through the intricacies of industrial cybersecurity.

Traffic data is the lifeblood of network security, representing the raw, unfiltered truth of what is happening on the network.

The open source platform Tazama provides cost-effective monitoring of digital financial transactions to prevent fraud in real time.

Advanced phishing kit employs novel tactics in attack targeting cryptocurrency platforms and FCC employees.

Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware.

Georgia’s largest county is still repairing damage inflicted on its government offices by a cyberattack in January 2024.

The Air National Guardsman accused of leaking highly classified military documents on social media is expected to plead guilty in his federal case.

Major vulnerabilities were found in cameras manufactured by the Chinese company Eken Group Ltd., which produces video doorbells under the brand names EKEN and Tuck, among others.

FBI Director Christopher Wray says advances in generative AI make it easier for election interference and meddling easier than before.

Noteworthy stories that might have slipped under the radar: Unpatched Google vulnerability exploited, 3D printers hacked by white hats, WhatsApp will get NSO spyware. 

The US has charged an Iranian company’s employee over cyberattacks on State and Treasury Departments and defense contractors.

Restaurant chain Golden Corral says personal information was compromised in an August 2023 data breach.

Remote PLC malware attack Remote PLC malware attack

Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware.

CISA known exploited vulnerabilites CISA known exploited vulnerabilites

CISA says a high-severity elevation of privilege vulnerability in Microsoft Streaming Service is actively exploited in the wild.

CVE-2024-21338 zero-day exploited by North Korea CVE-2024-21338 zero-day exploited by North Korea

North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit.

Top Cybersecurity Headlines

The 22-year-old Air National Guard member admitted illegally collecting some of the nation’s most sensitive secrets and sharing them with other users on Discord.

With over 180,000 users, Crimemarket was a trading hub for narcotics, cybercrime tools, and crimeware guides.

A high-severity vulnerability in HikCentral Professional could lead to unauthorized access to certain URLs.

Webinar will provide valuable insights from Honeywell professionals who will guide you through the intricacies of industrial cybersecurity.

SecurityWeek Industry Experts

More Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Upcoming Cybersecurity Events

The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA]

Learn More

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects. [March 20, 2024]

Learn More

Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA

Learn More

SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack.

Learn More

Vulnerabilities

Cybercrime

Supply chain security insights: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers.

Event image poster

The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Learn More

Application Security

Application Security

The API attack surface is expanding and API vulnerabilities are growing. AI will help attackers find and exploit API vulnerabilities at scale.