Category: securityweek

Pharma Giant Johnson & Johnson Discloses Data Breach

Johnson & Johnson has disclosed a data breach impacting the personal information of thousands of people. The post Pharma Giant Johnson & Johnson Discloses Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Apple Offering Hackable iPhones to Universities

Apple expands its Security Research Device Program to put hackable iPhones in the hands of select educators at the university level. The post Apple Offering Hackable iPhones to Universities appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Sophos to Acquire SecureWorks in $859 Million All-Cash Deal

Sophos plans to integrate Secureworks Taegis XDR platform into its MDR services across small, mid-sized, and enterprise segments.  The post Sophos to Acquire SecureWorks in $859 Million All-Cash Deal appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

ESET Distributor’s Systems Abused to Deliver Wiper Malware

ESET has launched an investigation after a product distributor in Israel sent out emails delivering wiper malware. The post ESET Distributor’s Systems Abused to Deliver Wiper Malware  appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Atlassian Patches Vulnerabilities in Bitbucket, Confluence, Jira

Atlassian has released patches for high-severity vulnerabilities in Bitbucket, Confluence, and Jira Service Management. The post Atlassian Patches Vulnerabilities in Bitbucket, Confluence, Jira appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Atlassian Patches…

AI and Hardware Hacking on the Rise

Bugcrowd’s Inside the Mind of a Hacker report surveys the thoughts of one of the world’s largest hacker communities. The post AI and Hardware Hacking on the Rise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Roundcube Webmail Vulnerability Exploited in Government Attack

An XSS vulnerability in Roundcube Webmail has been targeted for code execution against a governmental organization in a CIS country. The post Roundcube Webmail Vulnerability Exploited in Government Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Omni Family Health Data Breach Impacts 470,000 Individuals

Omni Family Health has disclosed a data breach impacting nearly 470,000 current and former patients and employees. The post Omni Family Health Data Breach Impacts 470,000 Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Be Aware of These Eight Underrated Phishing Techniques

There are a number of lesser-known phishing techniques that are often overlooked or underestimated yet increasingly being employed by attackers. The post Be Aware of These Eight Underrated Phishing Techniques appeared first on SecurityWeek. This article has been indexed from…

Brazilian Police Arrest Notorious Hacker USDoD

Brazil’s Federal Police announced the arrest of a hacker whose description matches that of the notorious leaker USDoD. The post Brazilian Police Arrest Notorious Hacker USDoD appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager. The post VMware Patches High-Severity SQL Injection Flaw in HCX Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

OT Risk Management Firm DeNexus Raises $17.5 Million

DeRisk is an AI and ML-driven data analytics platform that focuses on managing the cyber risk to the underserved operational technology of critical industries. The post OT Risk Management Firm DeNexus Raises $17.5 Million appeared first on SecurityWeek. This article…

Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site

Microsoft has patched ‘critical’ privilege escalation and information disclosure vulnerabilities in Power Platform, Dataverse and the Imagine Cup website.  The post Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site appeared first on SecurityWeek. This article has been indexed from…

Google Pays Out $36,000 for Severe Chrome Vulnerability

Google has released Chrome 130 in the stable channel to resolve 17 vulnerabilities, including 13 reported by external researchers. The post Google Pays Out $36,000 for Severe Chrome Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

AI Models in Cybersecurity: From Misuse to Abuse

Exploring differences in AI models on security measures and unveiling threat actor tactics. The post AI Models in Cybersecurity: From Misuse to Abuse appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: AI Models…

GitHub Patches Critical Vulnerability in Enterprise Server

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances. The post GitHub Patches Critical Vulnerability in Enterprise Server appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Juniper Networks Patches Dozens of Vulnerabilities

Juniper Networks has announced patches for dozens of vulnerabilities in Junos OS, Junos OS Evolved, and third-party components. The post Juniper Networks Patches Dozens of Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations. The post Chinese Hackers Adopting Open Source ‘SparkRAT’ Tool appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Malicious Prompt Engineering With ChatGPT

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad. The post Malicious Prompt Engineering With ChatGPT appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Security Update for Chrome 109 Patches 6 Vulnerabilities

Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update. The post Security Update for Chrome 109 Patches 6 Vulnerabilities appeared first on SecurityWeek. This article has been…

North Korean APT Expands Its Attack Repertoire

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by other hackers. The post North Korean APT Expands Its Attack Repertoire appeared first on SecurityWeek. This…

CISA Provides Resources for Securing K-12 Education System

CISA has published a report detailing the cybersecurity risks to the K-12 education system and recommendations on how to secure it. The post CISA Provides Resources for Securing K-12 Education System appeared first on SecurityWeek. This article has been indexed…

Forward Networks Raises $50 Million in Series D Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors. The post Forward Networks Raises $50 Million in Series D Funding appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

South Dakota’s Noem Says Cell Phone Number Hacked

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6 committee. The post South Dakota’s Noem Says Cell Phone Number Hacked appeared first on SecurityWeek. This…

Riot Games Says Source Code Stolen in Ransomware Attack

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack The post Riot Games Says Source Code Stolen in Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Password Dependency: How to Break the Cycle

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done? The post Password Dependency: How to Break…

Learning to Lie: AI Tools Adept at Creating Disinformation

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation. The post Learning to Lie: AI Tools Adept at Creating Disinformation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

VMware Plugs Critical Code Execution Flaws

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system. The post VMware Plugs Critical Code Execution Flaws appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Apple Patches Exploited iOS Vulnerability in Old iPhones

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads. The post Apple Patches Exploited iOS Vulnerability in Old iPhones appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Attacks Targeting Realtek SDK Vulnerability Ramping Up

Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK. The post Attacks Targeting Realtek SDK Vulnerability Ramping Up appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees. The post Zendesk Hacked After Employees Fall for Phishing Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Microsoft Office to Block XLL Add-ins From Internet

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet. The post Microsoft Office to Block XLL Add-ins From Internet appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business. The post Thoma Bravo to Buy Magnet Forensics in $1.3B Transaction appeared first on SecurityWeek. This article has been…

Apple Patches WebKit Code Execution in iPhones, MacBooks

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities. The post Apple Patches WebKit Code Execution in iPhones, MacBooks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Apple…