SecurityWeek

Many automated teller machines (ATMs) lack adequate security mechanisms and can be compromised in minutes using various methods, according to a new report from vulnerability assessment firm Positive Technologies. 

read more

Google this week announced new features to G Suite designed to help administrators enforce rigorous password requirements and increase security.

read more

BlackBerry on Friday announced that it has agreed to acquire next-generation endpoint security firm Cylance for US $1.4 billion in cash.

read more

Cybersecurity firm Trend Micro and industrial networking solutions provider Moxa on Thursday announced plans to form a joint venture corporation focusing on securing industrial internet of things (IIoT) environments.

read more

The threat actor(s) behind many Dridex and Locky campaigns have been using a new Remote Access Trojan (RAT), Proofpoint security researchers warn. 

read more

Cognigo, a Tel Aviv, Israel-based startup focused on data protection and compliance, this week announced that it has completed an $8.5 million Series A round of funding. 

read more

Mozilla has added a new feature to Firefox to alert users when they visit a website that has been part of a data breach in the past. 

read more

Adversaries are Increasingly Masterful at Taking Advantage of Seams Between Technologies and Teams to Infiltrate Organizations

read more

Keeping Your Organization Safe From Mobile Threats During the Holidays

read more

Leesburg, VA-based anti-phishing firm Cofense (formerly PhishMe) has discovered an uptick in the use of .com file extensions in phishing emails. 

read more

Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. "This major new expansion of the Company's flagship solution," it announced on November 14, "addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response."

read more

The U.S. Office of Personnel Management (OPM) has improved its security posture since the data breaches disclosed in 2015, but many issues are still unresolved, according to a report published this week by the Government Accountability Office (GAO).

read more

Organizations Need the Right Technologies and Talent in Place to Ensure a Secure Transition to the Cloud

read more

The U.S. House of Representatives this week passed a bill that creates a new cybersecurity agency at the Department of Homeland Security (DHS).

read more

Industrial cybersecurity firm Dragos on Wednesday announced that it has raised $37 million in a Series B funding round, which brings the total raised by the company to date to over $48 million.

read more

A team of researchers has described seven new variants of the notorious Meltdown and Spectre attacks, and they claim some of these methods are not mitigated by existing patches, but Intel disagrees.

read more

Recent attacks on an engineering company in the United Kingdom were attributed to a China-related cyber-espionage group despite the use of techniques usually associated with Russian threat actors.

read more

The Zero Day Initiative’s Pwn2Own Tokyo hacking competition has come to an end, with participants earning over $300,000 for disclosing vulnerabilities affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones.

read more

The top two executives at Hong Kong carrier Cathay Pacific on Wednesday apologized for the firm's handling of the world's biggest airline hack that saw millions of customers' data breached but denied trying to cover it up.

read more

A congressional advisory panel says the purchase of internet-linked devices manufactured in China leaves the United States vulnerable to security breaches that could put critical infrastructure at risk.

read more