SecurityWeek

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. 

The post SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking appeared first on SecurityWeek.

Hive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.

The post New Password Cracking Analysis Targets Bcrypt appeared first on SecurityWeek.

Bain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.

The post Prophet Security Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek.

Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies.

The post $10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors appeared first on SecurityWeek.

The judge with Spain’s National Court said there is reason to believe that the new information provided by France can “allow the investigations to advance.”

The post Spain Reopens a Probe Into a Pegasus Spyware Case After a French Request to Work Together appeared first on SecurityWeek.

Mandiant's M-Trends 2024 report shows that defenses are improving – and that may be true. But the reality remains that these same statistics demonstrate that if anything, the attackers still retain the upper hand.

The post The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success appeared first on SecurityWeek.

Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.

The post Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations  appeared first on SecurityWeek.

UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion.

The post UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack appeared first on SecurityWeek.

Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product.

The post Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability appeared first on SecurityWeek.

The LockBit ransomware gang leaks data allegedly stolen from government contractor Tyler Technologies.

The post Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor appeared first on SecurityWeek.

Microsoft PlayReady vulnerabilities that could allow rogue subscribers to illegally download movies from popular streaming services.

The post Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services appeared first on SecurityWeek.

Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool.

The post Research Shows How Attackers Can Abuse EDR Security Products appeared first on SecurityWeek.

A hack that caused a small Texas town’s water system to overflow in January has been linked to a shadowy Russian hacktivist group, the latest case of a U.S. public utility becoming a target of foreign cyberattacks.

The post Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow appeared first on SecurityWeek.

CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.

The post CrushFTP Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.

Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.

The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability  appeared first on SecurityWeek.

MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.

The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek.

Cannes Hospital Centre – Simone Veil cancels medical procedures after shutting down systems in response to a cyberattack.

The post Cannes Hospital Cancels Medical Procedures Following Cyberattack appeared first on SecurityWeek.

Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability.

The post BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems appeared first on SecurityWeek.

VulnCheck banks $8 million in early stage capital to build 'exploit intelligence' technologies and services.

The post Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: OpenSSF and OpenJS incidents similar to XZ backdoor, Moldovan botnet operator charged, US automotive company targeted by FIN7.

The post In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack appeared first on SecurityWeek.