SecurityWeek

Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks

Security Week - Thu, 03/07/2024 - 8:22am

Threat actor tracked as TA4903 spoofing US government entities in phishing and fraud campaigns.

The post Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks appeared first on SecurityWeek.

Categories: SecurityWeek

Apple is Making Big App Store Changes in Europe Over New Rules. Could it Mean More iPhone Hacking?

Security Week - Thu, 03/07/2024 - 8:15am

Apple is opening small cracks in the iPhone’s digital fortress as part of a regulatory clampdown in Europe— at the risk of creating new avenues for hackers to steal personal and financial information stored on the devices.

The post Apple is Making Big App Store Changes in Europe Over New Rules. Could it Mean More iPhone Hacking? appeared first on SecurityWeek.

Categories: SecurityWeek

Cyber Insights 2024: A Dire Year for CISOs?

Security Week - Thu, 03/07/2024 - 7:10am

The role of the CISO continuously evolves in tandem with the growing reliance on cybersecurity as a business enabler. But it is possible that the SEC has pitched a curveball with its increasing assertiveness?

The post Cyber Insights 2024: A Dire Year for CISOs? appeared first on SecurityWeek.

Categories: SecurityWeek

Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure

Security Week - Thu, 03/07/2024 - 5:50am

Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed.

The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek.

Categories: SecurityWeek

Fidelity Investments Notifying 28,000 People of Data Breach

Security Week - Thu, 03/07/2024 - 5:42am

Fidelity says 28,000 individuals were impacted by data breach at third-party services provider Infosys McCamish System.

The post Fidelity Investments Notifying 28,000 People of Data Breach appeared first on SecurityWeek.

Categories: SecurityWeek

Linux Malware Campaign Targets Misconfigured Cloud Servers

Security Week - Wed, 03/06/2024 - 10:50am

A new malware campaign has been observed targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances.

The post Linux Malware Campaign Targets Misconfigured Cloud Servers appeared first on SecurityWeek.

Categories: SecurityWeek

Fresh $100 Million Claroty Funding Brings Total to $735 Million 

Security Week - Wed, 03/06/2024 - 10:40am

XIoT cybersecurity company Claroty has raised another $100 million at a reported valuation of $2.5 billion.

The post Fresh $100 Million Claroty Funding Brings Total to $735 Million  appeared first on SecurityWeek.

Categories: SecurityWeek

Anatomy of a BlackCat Attack Through the Eyes of Incident Response

Security Week - Wed, 03/06/2024 - 10:21am

Incident response experts at Sygnia provide a detailed blow-by-blow of a BlackCat ransomware attack and share tips for survival.

The post Anatomy of a BlackCat Attack Through the Eyes of Incident Response appeared first on SecurityWeek.

Categories: SecurityWeek

Cloud Security Firm Sweet Security Raises $33 Million, 6 Months After Emerging From Stealth

Security Week - Wed, 03/06/2024 - 10:04am

Sweet Security announces a $33 million Series A funding round just six months after emerging from stealth with an initial $12 million seed funding.

The post Cloud Security Firm Sweet Security Raises $33 Million, 6 Months After Emerging From Stealth appeared first on SecurityWeek.

Categories: SecurityWeek

Cisco Releases Open Source Backplane Traffic Visibility Tool for OT 

Security Week - Wed, 03/06/2024 - 9:47am

Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. 

The post Cisco Releases Open Source Backplane Traffic Visibility Tool for OT  appeared first on SecurityWeek.

Categories: SecurityWeek

HHS Aiding Organizations Hit by Change Healthcare Cyberattack

Security Week - Wed, 03/06/2024 - 8:31am

US government lays out actions to assist healthcare providers following the highly disruptive Change Healthcare cyberattack.

The post HHS Aiding Organizations Hit by Change Healthcare Cyberattack appeared first on SecurityWeek.

Categories: SecurityWeek

SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA

Security Week - Wed, 03/06/2024 - 8:19am

Conference brings together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.

The post SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA appeared first on SecurityWeek.

Categories: SecurityWeek

Android’s March 2024 Update Patches Critical Vulnerabilities

Security Week - Wed, 03/06/2024 - 7:34am

Android’s March 2024 security update resolves 38 vulnerabilities, including two critical flaws in the System component.

The post Android’s March 2024 Update Patches Critical Vulnerabilities appeared first on SecurityWeek.

Categories: SecurityWeek

Cyber Insights 2024: OT, ICS and IIoT

Security Week - Wed, 03/06/2024 - 7:16am

In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that cannot be ignored by nation states.

The post Cyber Insights 2024: OT, ICS and IIoT appeared first on SecurityWeek.

Categories: SecurityWeek

BlackCat Ransomware Gang Suspected of Pulling Exit Scam

Security Week - Wed, 03/06/2024 - 6:25am

The BlackCat ransomware gang announces shutdown as an affiliate accuses theft of $22 million ransom payment.

The post BlackCat Ransomware Gang Suspected of Pulling Exit Scam appeared first on SecurityWeek.

Categories: SecurityWeek

CISA Warns of Pixel Phone Vulnerability Exploitation

Security Week - Wed, 03/06/2024 - 6:00am

CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog. 

The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.

Categories: SecurityWeek

CrowdStrike to Acquire Flow Security

Security Week - Tue, 03/05/2024 - 9:29pm

CrowdStrike says the acquisition of Flow Security will expand its cloud security capabilities with Data Security Posture Management.

The post CrowdStrike to Acquire Flow Security appeared first on SecurityWeek.

Categories: SecurityWeek

Apple Blunts Zero-Day Attacks With iOS 17.4 Update

Security Week - Tue, 03/05/2024 - 3:55pm

Apple rolls out urgent patches to fix multiple security flaws in its flagship iOS platform and warned about zero-day exploits in the wild.

The post Apple Blunts Zero-Day Attacks With iOS 17.4 Update appeared first on SecurityWeek.

Categories: SecurityWeek

US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials

Security Week - Tue, 03/05/2024 - 2:41pm

The Treasury Department sanctioned individuals associated with Intellexa Consortium, maker of the powerful Predator Spyware.

The post US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials appeared first on SecurityWeek.

Categories: SecurityWeek

VMware Patches Critical ESXi Sandbox Escape Flaws

Security Week - Tue, 03/05/2024 - 1:36pm

The most serious flaws allow hackers with local admin rights to execute code as the virtual machine's VMX process running on the host.

The post VMware Patches Critical ESXi Sandbox Escape Flaws appeared first on SecurityWeek.

Categories: SecurityWeek

Pages