Featured

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones

apple, Featured, Mobile & Wireless, side-channel attack, Vulnerabilities /

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones 26/10/2023 at 19:32 By Eduard Kovacs New iLeakage side-channel speculative execution attack exploits Safari to steal sensitive information from Macs and iPhones. The post iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones appeared first on SecurityWeek. This article is an excerpt […]

React to this headline:

Loading spinner

iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones Read More »

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure

critical infrastructure, Featured, ICS/OT, Nation-State, Volt Typhoon /

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure 25/10/2023 at 19:17 By Ryan Naraine Mandiant’s Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in a series of eyebrow-raising attacks against targets in Guam and the

React to this headline:

Loading spinner

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure Read More »

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding

Featured, ICS, ICS/OT, open source, PLC /

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding 25/10/2023 at 18:17 By Eduard Kovacs A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each vendor. The post New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding

React to this headline:

Loading spinner

New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding Read More »

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference

Featured, ICS, ICS/OT /

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference 25/10/2023 at 16:31 By SecurityWeek News SecurityWeek’s 2023 ICS Cybersecurity Conference continues in Atlanta, as hundreds of industrial cybersecurity stakeholders gather for Day 2 of the annual industrial cybersecurity conference. The post Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023

React to this headline:

Loading spinner

Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference Read More »

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco, Featured, Malware & Threats, Vulnerabilities, Zero-Day /

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops 23/10/2023 at 21:49 By Eduard Kovacs Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping. The post Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops appeared first

React to this headline:

Loading spinner

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops Read More »

Iranian Hackers Lurked for 8 Months in Government Network

Featured, Iran, Nation-State /

Iranian Hackers Lurked for 8 Months in Government Network 20/10/2023 at 16:31 By Ionut Arghire Iran-linked hacking group Crambus spent eight months inside a compromised network of a Middle Eastern government, Broadcom’s Symantec cybersecurity unit reports. The post Iranian Hackers Lurked for 8 Months in Government Network appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Iranian Hackers Lurked for 8 Months in Government Network Read More »

Recent NetScaler Vulnerability Exploited as Zero-Day Since August

Citrix, exploited, Featured, Vulnerabilities, Zero-Day /

Recent NetScaler Vulnerability Exploited as Zero-Day Since August 18/10/2023 at 14:01 By Ionut Arghire Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August. The post Recent NetScaler Vulnerability Exploited as Zero-Day Since August appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Recent NetScaler Vulnerability Exploited as Zero-Day Since August Read More »

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

Cisco, Featured, Malware & Threats, Zero-Day /

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability 18/10/2023 at 14:01 By Eduard Kovacs Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198. The post Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability Read More »

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability

Cisco, exploited, Featured, Vulnerabilities, Zero-Day /

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability 17/10/2023 at 14:16 By Eduard Kovacs Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.  The post Cisco Devices Hacked via IOS XE Zero-Day Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Cisco Devices Hacked via IOS XE Zero-Day Vulnerability Read More »

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks

Featured, ICS, ICS/OT /

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks 16/10/2023 at 15:33 By Eduard Kovacs A vulnerability affecting Milesight industrial routers, tracked as CVE-2023-4326, may have been exploited in attacks.  The post Milesight Industrial Router Vulnerability Possibly Exploited in Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Milesight Industrial Router Vulnerability Possibly Exploited in Attacks Read More »

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History

DDoS, Featured, Network Security, Rapid Reset, Zero-Day /

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History 10/10/2023 at 17:02 By Eduard Kovacs A zero-day vulnerability named HTTP/2 Rapid Reset has been exploited to launch some of the largest DDoS attacks in history. The post ‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History appeared first on

React to this headline:

Loading spinner

‘HTTP/2 Rapid Reset’ Zero-Day Exploited to Launch Largest DDoS Attacks in History Read More »

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero

Featured, Google, Hacker Conversations, Vulnerabilities, vulnerability reserach /

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero 10/10/2023 at 15:37 By Kevin Townsend SecurityWeek continues its Hacker Conversations series in a discussion with Natalie Silvanovich, a member of of Google’s Project Zero. The post Researcher Conversations: Natalie Silvanovich From Google’s Project Zero appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Researcher Conversations: Natalie Silvanovich From Google’s Project Zero Read More »

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks 

Cyberwarfare, DDoS, Featured, Hacktivism, Hamas, Israel /

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  09/10/2023 at 13:16 By Eduard Kovacs Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack. The post Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks  Read More »

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws

Bluetooth, CISA, CISA KEV, Featured, Vulnerabilities /

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws 06/10/2023 at 13:46 By Eduard Kovacs CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range. The post CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws appeared first on

React to this headline:

Loading spinner

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws Read More »

Sony Confirms Data Stolen in Two Recent Hacker Attacks

data breach, Data Breaches, Featured, Ransomware, Sony /

Sony Confirms Data Stolen in Two Recent Hacker Attacks 05/10/2023 at 14:01 By Eduard Kovacs Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.  The post Sony Confirms Data Stolen in Two Recent Hacker Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Sony Confirms Data Stolen in Two Recent Hacker Attacks Read More »

Qualcomm Patches 3 Zero-Days Reported by Google

Featured, Mobile & Wireless, Qualcomm, Vulnerabilities /

Qualcomm Patches 3 Zero-Days Reported by Google 04/10/2023 at 13:31 By Eduard Kovacs Qualcomm has patched more than two dozen vulnerabilities, including three zero-days that may have been exploited by spyware vendors. The post Qualcomm Patches 3 Zero-Days Reported by Google appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Qualcomm Patches 3 Zero-Days Reported by Google Read More »

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies

AI, Artificial Intelligence, Featured, Vulnerabilities /

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies 03/10/2023 at 19:18 By Eduard Kovacs ShellTorch attack chains critical TorchServe vulnerabilities and could completely compromise the AI infrastructure of major companies. The post Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies Read More »

Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities

Android, exploited, Featured, Mobile & Wireless, spyware, Zero-Day /

Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities 03/10/2023 at 12:46 By Ionut Arghire The October 2023 security update for Android patches two vulnerabilities exploited in attacks, both likely linked to spyware vendors. The post Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities Read More »

Recently Patched TeamCity Vulnerability Exploited to Hack Servers

exploited, Featured, Vulnerabilities /

Recently Patched TeamCity Vulnerability Exploited to Hack Servers 02/10/2023 at 13:01 By Eduard Kovacs In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers. The post Recently Patched TeamCity Vulnerability Exploited to Hack Servers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Recently Patched TeamCity Vulnerability Exploited to Hack Servers Read More »

National Security Agency is Starting an Artificial Intelligence Security Center

AI, artificial inteligence, Artificial Intelligence, Featured, NSA /

National Security Agency is Starting an Artificial Intelligence Security Center 29/09/2023 at 18:02 By Associated Press The NSA is starting an artificial intelligence security center — a crucial mission as AI capabilities are increasingly acquired, developed and integrated into U.S. defense and intelligence systems. The post National Security Agency is Starting an Artificial Intelligence Security

React to this headline:

Loading spinner

National Security Agency is Starting an Artificial Intelligence Security Center Read More »

Scroll to Top