SecurityWeek
Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks
Threat actor tracked as TA4903 spoofing US government entities in phishing and fraud campaigns.
The post Cybercriminals Spoof US Government Organizations in BEC, Phishing Attacks appeared first on SecurityWeek.
Apple is Making Big App Store Changes in Europe Over New Rules. Could it Mean More iPhone Hacking?
Apple is opening small cracks in the iPhone’s digital fortress as part of a regulatory clampdown in Europe— at the risk of creating new avenues for hackers to steal personal and financial information stored on the devices.
The post Apple is Making Big App Store Changes in Europe Over New Rules. Could it Mean More iPhone Hacking? appeared first on SecurityWeek.
Cyber Insights 2024: A Dire Year for CISOs?
The role of the CISO continuously evolves in tandem with the growing reliance on cybersecurity as a business enabler. But it is possible that the SEC has pitched a curveball with its increasing assertiveness?
The post Cyber Insights 2024: A Dire Year for CISOs? appeared first on SecurityWeek.
Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure
Critical TeamCity authentication bypass vulnerability CVE-2024-27198 exploited in the wild after details were disclosed.
The post Critical TeamCity Vulnerability Exploitation Started Immediately After Disclosure appeared first on SecurityWeek.
Fidelity Investments Notifying 28,000 People of Data Breach
Fidelity says 28,000 individuals were impacted by data breach at third-party services provider Infosys McCamish System.
The post Fidelity Investments Notifying 28,000 People of Data Breach appeared first on SecurityWeek.
Linux Malware Campaign Targets Misconfigured Cloud Servers
A new malware campaign has been observed targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances.
The post Linux Malware Campaign Targets Misconfigured Cloud Servers appeared first on SecurityWeek.
Fresh $100 Million Claroty Funding Brings Total to $735 Million
XIoT cybersecurity company Claroty has raised another $100 million at a reported valuation of $2.5 billion.
The post Fresh $100 Million Claroty Funding Brings Total to $735 Million appeared first on SecurityWeek.
Anatomy of a BlackCat Attack Through the Eyes of Incident Response
Incident response experts at Sygnia provide a detailed blow-by-blow of a BlackCat ransomware attack and share tips for survival.
The post Anatomy of a BlackCat Attack Through the Eyes of Incident Response appeared first on SecurityWeek.
Cloud Security Firm Sweet Security Raises $33 Million, 6 Months After Emerging From Stealth
Sweet Security announces a $33 million Series A funding round just six months after emerging from stealth with an initial $12 million seed funding.
The post Cloud Security Firm Sweet Security Raises $33 Million, 6 Months After Emerging From Stealth appeared first on SecurityWeek.
Cisco Releases Open Source Backplane Traffic Visibility Tool for OT
Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT.
The post Cisco Releases Open Source Backplane Traffic Visibility Tool for OT appeared first on SecurityWeek.
HHS Aiding Organizations Hit by Change Healthcare Cyberattack
US government lays out actions to assist healthcare providers following the highly disruptive Change Healthcare cyberattack.
The post HHS Aiding Organizations Hit by Change Healthcare Cyberattack appeared first on SecurityWeek.
SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA
Conference brings together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.
The post SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA appeared first on SecurityWeek.
Android’s March 2024 Update Patches Critical Vulnerabilities
Android’s March 2024 security update resolves 38 vulnerabilities, including two critical flaws in the System component.
The post Android’s March 2024 Update Patches Critical Vulnerabilities appeared first on SecurityWeek.
Cyber Insights 2024: OT, ICS and IIoT
In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that cannot be ignored by nation states.
The post Cyber Insights 2024: OT, ICS and IIoT appeared first on SecurityWeek.
BlackCat Ransomware Gang Suspected of Pulling Exit Scam
The BlackCat ransomware gang announces shutdown as an affiliate accuses theft of $22 million ransom payment.
The post BlackCat Ransomware Gang Suspected of Pulling Exit Scam appeared first on SecurityWeek.
CISA Warns of Pixel Phone Vulnerability Exploitation
CISA adds Pixel Android phone (CVE-2023-21237) and Sunhillo SureLine (CVE-2021-36380) flaws to its known exploited vulnerabilities catalog.
The post CISA Warns of Pixel Phone Vulnerability Exploitation appeared first on SecurityWeek.
CrowdStrike to Acquire Flow Security
CrowdStrike says the acquisition of Flow Security will expand its cloud security capabilities with Data Security Posture Management.
The post CrowdStrike to Acquire Flow Security appeared first on SecurityWeek.
Apple Blunts Zero-Day Attacks With iOS 17.4 Update
Apple rolls out urgent patches to fix multiple security flaws in its flagship iOS platform and warned about zero-day exploits in the wild.
The post Apple Blunts Zero-Day Attacks With iOS 17.4 Update appeared first on SecurityWeek.
US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials
The Treasury Department sanctioned individuals associated with Intellexa Consortium, maker of the powerful Predator Spyware.
The post US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials appeared first on SecurityWeek.
VMware Patches Critical ESXi Sandbox Escape Flaws
The most serious flaws allow hackers with local admin rights to execute code as the virtual machine's VMX process running on the host.
The post VMware Patches Critical ESXi Sandbox Escape Flaws appeared first on SecurityWeek.