Featured

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO

CISO Strategy, Featured /

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO 31/10/2023 at 23:16 By Mike Lennon The SEC’s lawsuit against the CISO of SolarWinds is leaving CISOs across the industry spooked and reevaluating their roles. The post Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Cybersecurity Leaders Spooked by SEC Lawsuit Against SolarWinds CISO Read More »

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

CISO, CISO Strategy, Featured, Incident Response, SolarWinds, SUNBURST, Tracking & Law Enforcement /

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures 31/10/2023 at 05:01 By Mike Lennon The SEC filed charges against SolarWinds and its CISO over misleading investors about its cybersecurity practices and known risks. The post SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures Read More »

Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns

AI, artificial inteligence, Artificial Intelligence, Featured, Government, Regulations /

Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns 30/10/2023 at 14:46 By Associated Press President Joe Biden on Monday will sign a sweeping executive order to guide the development of artificial intelligence — requiring industry to develop safety and security standards, and introducing new consumer

React to this headline:

Loading spinner

Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns Read More »

Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools

Featured, Malware, Malware & Threats, NSA /

Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools 27/10/2023 at 17:47 By Ionut Arghire The StripedFly malware has APT-like capabilities, but remained unnoticed for five years, posing as a cryptocurrency miner. The post Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Advanced ‘StripedFly’ Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools Read More »

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones

apple, Featured, Mobile & Wireless, side-channel attack, Vulnerabilities /

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones 26/10/2023 at 19:32 By Eduard Kovacs New iLeakage side-channel speculative execution attack exploits Safari to steal sensitive information from Macs and iPhones. The post iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones Read More »

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure

critical infrastructure, Featured, ICS/OT, Nation-State, Volt Typhoon /

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure 25/10/2023 at 19:17 By Ryan Naraine Mandiant’s Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in a series of eyebrow-raising attacks against targets in Guam and the

React to this headline:

Loading spinner

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure Read More »

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding

Featured, ICS, ICS/OT, open source, PLC /

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding 25/10/2023 at 18:17 By Eduard Kovacs A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each vendor. The post New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding

React to this headline:

Loading spinner

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding Read More »

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference

Featured, ICS, ICS/OT /

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference 25/10/2023 at 16:31 By SecurityWeek News SecurityWeek’s 2023 ICS Cybersecurity Conference continues in Atlanta, as hundreds of industrial cybersecurity stakeholders gather for Day 2 of the annual industrial cybersecurity conference. The post Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023

React to this headline:

Loading spinner

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference Read More »

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops 23/10/2023 at 21:49 By Eduard Kovacs Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping. The post Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops appeared first

React to this headline:

Loading spinner

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Read More »

Iranian Hackers Lurked for 8 Months in Government Network

Featured, Iran, Nation-State /

Iranian Hackers Lurked for 8 Months in Government Network 20/10/2023 at 16:31 By Ionut Arghire Iran-linked hacking group Crambus spent eight months inside a compromised network of a Middle Eastern government, Broadcom’s Symantec cybersecurity unit reports. The post Iranian Hackers Lurked for 8 Months in Government Network appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Iranian Hackers Lurked for 8 Months in Government Network Read More »

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Recent NetScaler Vulnerability Exploited as Zero-Day Since August 18/10/2023 at 14:01 By Ionut Arghire Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Recent NetScaler Vulnerability Exploited as Zero-Day Since August Read More »

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

Cisco, Featured, Malware & Threats, Zero-Day /

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability 18/10/2023 at 14:01 By Eduard Kovacs Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198. The post Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability Read More »

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco, exploited, Featured, Vulnerabilities, Zero-Day /

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability 17/10/2023 at 14:16 By Eduard Kovacs Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.  The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Read More »

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks

Featured, ICS, ICS/OT /

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks 16/10/2023 at 15:33 By Eduard Kovacs A vulnerability affecting Milesight industrial routers, tracked as CVE-2023-4326, may have been exploited in attacks.  The post Milesight Industrial Router Vulnerability Possibly Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks Read More »

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History

DDoS, Featured, Network Security, Rapid Reset, Zero-Day /

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History 10/10/2023 at 17:02 By Eduard Kovacs A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history. The post ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History appeared first on

React to this headline:

Loading spinner

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History Read More »

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero

Featured, Google, Hacker Conversations, Vulnerabilities, vulnerability reserach /

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero 10/10/2023 at 15:37 By Kevin Townsend SecurityWeek continues its Hacker Conversations series in a discussion with Natalie Silvanovich, a member of of Google’s Project Zero. The post Researcher Conversations: Natalie Silvanovich From Google’s Project Zero appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero Read More »

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks 

Cyberwarfare, DDoS, Featured, Hacktivism, Hamas, Israel /

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  09/10/2023 at 13:16 By Eduard Kovacs Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack. The post Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  Read More »

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws

Bluetooth, CISA, CISA KEV, Featured, Vulnerabilities /

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws 06/10/2023 at 13:46 By Eduard Kovacs CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range. The post CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws appeared first on

React to this headline:

Loading spinner

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws Read More »

Sony Confirms Data Stolen in Two Recent Hacker Attacks

data breach, Data Breaches, Featured, Ransomware, Sony /

Sony Confirms Data Stolen in Two Recent Hacker Attacks 05/10/2023 at 14:01 By Eduard Kovacs Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.  The post Sony Confirms Data Stolen in Two Recent Hacker Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Sony Confirms Data Stolen in Two Recent Hacker Attacks Read More »

Qualcomm Patches 3 Zero-Days Reported by Google

Featured, Mobile & Wireless, Qualcomm, Vulnerabilities /

Qualcomm Patches 3 Zero-Days Reported by Google 04/10/2023 at 13:31 By Eduard Kovacs Qualcomm has patched more than two dozen vulnerabilities, including three zero-days that may have been exploited by spyware vendors. The post Qualcomm Patches 3 Zero-Days Reported by Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Qualcomm Patches 3 Zero-Days Reported by Google Read More »

Scroll to Top