Tag: SecurityWeek RSS Feed

Bankrupt and out of financing options, IronNet has terminated all employees and plan to file for Chapter 7 protection. The post Bankrupt IronNet Shuts Down Operations appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…

Read more →

AWS says an internal threat intel decoy system called MadPot has successfully trapped nation state-backed APTs like Volt Typhoon and Sandworm. The post AWS Using MadPot Decoy System to Disrupt APTs, Botnets appeared first on SecurityWeek. This article has been…

Read more →

A group of academic researchers devised a technique to extract sounds from still images captured using smartphone cameras with rolling shutter and movable lens structures. The post Researchers Extract Sounds From Still Images on Smartphone Cameras appeared first on SecurityWeek.…

Read more →

Noteworthy stories that might have slipped under the radar: new RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea.  The post In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea appeared first on…

Read more →

Nexusflow scores funding to build an open-source LLM that can deliver high accuracy when retrieving data from multiple security sources. The post Generative AI Startup Nexusflow Raises $10.6 Million appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems. The post National Security Agency is Starting an Artificial Intelligence Security Center…

Read more →

NIST has published the final version of the SP 800-82 Revision 3 guide to operational technology (OT) security. The post NIST Publishes Final Version of 800-82r3 OT Security Guide appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

A sharply divided privacy oversight board is recommending that the FBI and other agencies be required to get court approval before reviewing the communications of U.S. citizens collected through a secretive foreign surveillance program. The post A Key US Government…

Read more →

Gaps in Cloudflare’s security controls allow users to bypass protections and target others from the platform itself. The post Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company. The post Johnson Controls Hit by Ransomware appeared first on SecurityWeek. This article has been indexed…

Read more →

The FBI warns organizations of cyberattacks that employ multiple ransomware families or deploy dormant data wipers. The post FBI Warns Organizations of Dual Ransomware, Wiper Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…

Read more →

The US State Department said that hackers took around 60,000 emails in an attack which Microsoft has blamed on China. The post US State Department Says 60,000 Emails Taken in Alleged Chinese Hack appeared first on SecurityWeek. This article has…

Read more →

Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the underlying operating system. The post Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product  appeared…

Read more →

Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making. The post Moving From Qualitative to Quantitative Cyber Risk Modeling appeared first on SecurityWeek. This article has been indexed from…

Read more →

Roughly 80% of CISA staff will be sent home at the end of the week in case of a government shutdown.  The post Government Shutdown Could Bench 80% of CISA Staff appeared first on SecurityWeek. This article has been indexed…

Read more →

Intrusion detection company Lumu has raised $30 million in a Series B funding round led by Forgepoint Capital. The post Lumu Raises $30 Million for Threat Detection and Response Platform appeared first on SecurityWeek. This article has been indexed from…

Read more →

Verisoul, a company that has developed a SaaS platform for detecting and blocking fake users, has raised $3.25 million in seed funding.  The post Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users appeared first on SecurityWeek. This…

Read more →

Sysdig enhanced its existing CNAPP offering with a cloud attack graph, risk prioritization, attack path analysis, a searchable inventory, and complete agentless scanning. The post Sysdig Launches Realtime Attack Graph for Cloud Environments appeared first on SecurityWeek. This article has…

Read more →

Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains. The post Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits appeared first on SecurityWeek. This article has been indexed…

Read more →

Cisco has released patches for vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. The post Cisco Warns of IOS Software Zero-Day Exploitation Attempts appeared first on SecurityWeek. This article has…

Read more →

Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor.  The post Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor appeared first on SecurityWeek. This article has been indexed…

Read more →

The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies. The post Chinese Gov Hackers Caught…

Read more →

CISA unveils a new Hardware Bill of Materials (HBOM) framework for buyers and sellers to communicate about components in physical products. The post CISA Unveils New HBOM Framework to Track Hardware Components appeared first on SecurityWeek. This article has been…

Read more →

Threat actors have been using stolen GitHub personal access tokens to push malicious code posing as Dependabot contributions. The post Stolen GitHub Credentials Used to Push Fake Dependabot Commits appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Firefox 118 patches six high-severity vulnerabilities, including a memory leak potentially leading to sandbox escape. The post Firefox 118 Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original article: Firefox…

Read more →

Attackers can find tons of information on Tesla cars and their drivers by searching for misconfigured TeslaMate instances online. The post Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk appeared first on SecurityWeek. This article has been indexed from…

Read more →

Israeli security startup Gem Security has raised a total of $34 million to tackle cloud threat detection and incident response. The post Gem Security Lands $23 Million Series A Funding appeared first on SecurityWeek. This article has been indexed from…

Read more →

macOS 14 Sonoma has been officially released by Apple and the latest version of the operating system patches over 60 vulnerabilities. The post macOS 14 Sonoma Patches 60 Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Google has released the source code of BinDiff, a binary file comparison tool popular within the security research community, on GitHub. The post Google Open Sources Binary File Comparison Tool BinDiff appeared first on SecurityWeek. This article has been indexed…

Read more →

GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip. The post New GPU Side-Channel Attack Allows Malicious Websites to Steal Data appeared first on SecurityWeek. This article has been…

Read more →

Microsoft announced that the latest Windows 11 update (23H2) will bring more support for passkeys and several new security features.   The post Microsoft Adding New Security Features to Windows 11 appeared first on SecurityWeek. This article has been indexed from…

Read more →

Sony has launched an investigation after a ransomware group claimed to have compromised all systems and offered to sell stolen data. The post Sony Investigating After Hackers Offer to Sell Stolen Data appeared first on SecurityWeek. This article has been…

Read more →

UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East. The post UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor appeared first on SecurityWeek. This article…

Read more →

Mixin Network suspends deposits and withdrawals after hackers steal $200 million in digital assets from its centralized database. The post $200 Million in Cryptocurrency Stolen in Mixin Network Hack appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

The Xenomorph Android banking trojan can now mimic financial institutions in the US and Canada and is also targeting crypto wallets. The post Xenomorph Android Banking Trojan Targeting Users in US, Canada appeared first on SecurityWeek. This article has been…

Read more →

CISO churn is a hidden cybersecurity threat. Major security initiatives or implementations can take longer than the residency of a single CISO, and constant churn can leave cracks or gaps in security. The post The CISO Carousel and its Effect…

Read more →

Kosi Goodness Simon-Ebo, a Nigerian national, pleaded guilty in a US court to his involvement in a million-dollar BEC fraud scheme. The post Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role appeared first on SecurityWeek. This article has…

Read more →

A stealthy APT known as Gelsemium has been observed targeting a government entity in Southeast Asia for persistence and intelligence collection. The post Stealthy APT Gelsemium Seen Targeting Southeast Asian Government appeared first on SecurityWeek. This article has been indexed…

Read more →

City of Dallas has approved an $8.5 million budget to restore systems following a Royal ransomware attack in May 2023. The post City of Dallas Details Ransomware Attack Impact, Costs  appeared first on SecurityWeek. This article has been indexed from…

Read more →

Nearly 900 US schools are impacted by the MOVEit hack at the educational nonprofit National Student Clearinghouse. The post 900 US Schools Impacted by MOVEit Hack at National Student Clearinghouse appeared first on SecurityWeek. This article has been indexed from…

Read more →

Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.  The post Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks appeared first on SecurityWeek. This article has been indexed from…

Read more →

A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers. The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek. This article has been…

Read more →

Egyptian opposition politician Ahmed Altantawy was targeted with spyware after announcing a presidential bid, security researchers reported The post Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware appeared first on SecurityWeek. This article has been indexed…

Read more →

Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event. The post In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking appeared first on SecurityWeek. This article has…

Read more →

Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts. The post China’s Offensive Cyber Operations in Africa Support Soft Power Efforts appeared first on SecurityWeek. This article has been indexed…

Read more →

CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace. The post Faster Patching Pace Validates CISA’s KEV Catalog Initiative appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…

Read more →

The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely. The post BIND Updates Patch Two High-Severity DoS Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…

Read more →

Canada’s largest airline says the personal information of some employees was accessed in a recent cyberattack. The post Air Canada Says Employee Information Accessed in Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…

Read more →

Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones. The post Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones appeared first on SecurityWeek. This article has been…

Read more →

ICS/OT security budgets have decreased in 2023 compared to last year, according to a survey conducted by SANS. The post SANS Survey Shows Drop in 2023 ICS/OT Security Budgets appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign. The post New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware appeared first on SecurityWeek. This article has been indexed from…

Read more →

Legit Security raises $40 million in a Series B funding round led by CRV to help organizations protect the software supply chain from attacks The post Legit Security Raises $40 Million in Series B Financing appeared first on SecurityWeek. This…

Read more →

TransUnion denies suffering a breach after a hacker publishes 3GB of data allegedly stolen from the credit reporting firm. The post TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data appeared first on SecurityWeek. This article has been indexed from…

Read more →

ZTNA stands out as a solution that enables organizations to minimize their attack surface while ensuring the productivity and security of their remote workforce. The post Navigating the Digital Frontier in Cybersecurity Awareness Month 2023 appeared first on SecurityWeek. This…

Read more →

Many previously isolated OT networks, like manufacturing, processing, distribution, and inventory management, have now been woven into larger IT networks. The post Every Network Is Now an OT Network. Can Your Security Keep Up? appeared first on SecurityWeek. This article…

Read more →

The FBI and CISA are warning critical infrastructure organizations of ongoing Snatch ransomware attacks, which also involve data exfiltration. The post Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

British lawmakers approved an ambitious but controversial new internet safety law with wide-ranging powers to crack down on digital and social media companies. The post UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies appeared first on…

Read more →

An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. The post Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed…

Read more →

Omron has patched PLC and engineering software vulnerabilities discovered by Dragos during the analysis of ICS malware. The post Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis appeared first on SecurityWeek. This article has been indexed from…

Read more →

MGM Resorts brought its computer systems back online on September 20th after ransomware disrupted operations for 10 days. The post MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks appeared first on SecurityWeek. This…

Read more →

Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services. The post Intel Launches New Attestation Service as Part of Trust Authority Portfolio appeared first on SecurityWeek. This article…

Read more →

Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services. The post Intel Launches New Attestation Service as Part of Trust Authority Portfolio appeared first on SecurityWeek. This article…

Read more →

Finnish authorities have seized the drugs marketplace Piilopuoti, which has been operating on the Tor network since May 2022. The post Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement appeared first on SecurityWeek. This article has been indexed from…

Read more →

DHS has published a new set of recommendations to help federal agencies better report cyber incidents and protect critical infrastructure. The post DHS Publishes New Recommendations on Cyber Incident Reporting appeared first on SecurityWeek. This article has been indexed from…

Read more →

Policy management cybersecurity startup Discern Security on Tuesday emerged from stealth mode with $3 million in funding. The post Discern Security Emerges From Stealth Mode With $3 Million in Funding appeared first on SecurityWeek. This article has been indexed from…

Read more →

Learning how to keep discussions on-topic is an important skill for security professionals to learn, and it can allow them to continue to improve their security programs. The post Staying on Topic in an Off Topic World appeared first on…

Read more →

A federal judge has halted implementation of a California data collection law intended to protect the privacy of minors The post California Law Restricting Companies’ Use of Information From Kids Online Is Halted by Federal Judge appeared first on SecurityWeek.…

Read more →