Security Week

Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities.

The post Cisco Unveils AI-Native Enterprise Security Solution Hypershield appeared first on SecurityWeek.

Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy.

The post Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression appeared first on SecurityWeek.

YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology.

The post Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology appeared first on SecurityWeek.

Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million. 

The post Armis Acquires Silk Security for $150 Million appeared first on SecurityWeek.

Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services.

The post Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks appeared first on SecurityWeek.

Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution.

The post Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product appeared first on SecurityWeek.

Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.

The post Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.

The post Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 appeared first on SecurityWeek.

Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.

The post Oracle Patches 230 Vulnerabilities With April 2024 CPU appeared first on SecurityWeek.

Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. 

The post Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release appeared first on SecurityWeek.

Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.

The post Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit  appeared first on SecurityWeek.

PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures. 

The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek.

Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million.

The post Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million appeared first on SecurityWeek.

Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools.

The post Cloud Users Warned of Data Exposure Risk From Command-Line Tools appeared first on SecurityWeek.

Kevin O’Connor knew he was a hacker by the time he was in Middle School. He went on to work for the NSA and is now director of threat research at Adlumin.

The post Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative appeared first on SecurityWeek.

The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024.

The post Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare appeared first on SecurityWeek.

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves.

The post You Against the World: The Offenders Dilemma appeared first on SecurityWeek.

Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group.

The post Omni Hotels Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw.

The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared first on SecurityWeek.

Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks.

The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on SecurityWeek.