SecurityWeek
Now Live: SecurityWeek Threat Intelligence Summit Virtual Event
SecurityWeek will host its 2022 Threat Intelligence Summit as a fully immersive virtual event on May 18, 2022.
SecurityWeek
SecurityWeek to Host 2022 Attack Surface Management Summit Today
SecurityWeek will host its 2022 Attack Surface Management Summit as a fully immersive virtual event on February 23, 2022.
SecurityWeek
SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th
SecurityWeek will host its 2022 Threat Intelligence Summit as a fully immersive virtual event on May 18, 2022.
SecurityWeek
SecurityWeek Analysis: Cybersecurity M&A Dropping, Over 400 Deals Announced in 2023
An analysis conducted by SecurityWeek shows that 413 cybersecurity-related mergers and acquisitions were announced in 2023.
SecurityWeek
SecurityWeek to Host CISO Forum Virtually September 13-14, 2022: Registration is Open
SecurityWeek will host its 9th annual CISO Forum on September 13-14, 2022 as a fully immersive virtual conference.
SecurityWeek
SecurityWeek to Host 2022 ICS Cybersecurity Conference October 24-27 in Atlanta
SecurityWeek will host its 2022 Industrial Control Systems (ICS) Cybersecurity Conference from October 24 – 27, 2022 at the InterContinental Atlanta Buckhead.
SecurityWeek
Now LIVE: SecurityWeek Cloud Security Summit, Presented by Palo Alto Networks
SecurityWeek will host its 2022 Cloud Security Summit, Presented by Palo Alto Networks, as a virtual event on June 15, 2022.
SecurityWeek
SecurityWeek to Host Cyber AI & Automation Summit
Cyber AI Summit will explore cybersecurity use-cases for artificial intelligence (AI) technology and the race to protect LLM algorithms from adversarial use.
SecurityWeek
SecurityWeek Cyber Insights 2024 Series
Cyber Insights 2024 Series is based on discussions with hundreds of cybersecurity experts from dozens of companies covering multiple topics.
SecurityWeek
SecurityWeek to Host 2023 ICS Cybersecurity Conference October 23-26 in Atlanta
The 2023 Industrial Control Systems (ICS) Cybersecurity Conference takes place October 23–26, 2023 at the InterContinental Atlanta.
SecurityWeek
SecurityWeek Analysis: Over 210 Cybersecurity M&A Deals Announced in First Half of 2023
An analysis shows that more than 210 cybersecurity-related mergers and acquisitions were announced in the first half of 2022.
SecurityWeek
Webinar Today: Managing IoT/OT Visibility, Protection and Monitoring in a Zero Trust Environment
Join SecurityWeek and Microsoft this webinar to learn about live zero trust enablement through monitoring and automation of IoT/OT environments.
SecurityWeek
Webinar Tomorrow: ZTNA Superpowers CISOs Should Know
Join Cloudflare and SecurityWeek for a webinar to discuss “VPN Replacement: Other ZTNA Superpowers CISOs Should Know”
SecurityWeek
2022 CISO Forum: All Sessions on Demand
SecurityWeek is happy to announce that all sessions from the 2022 CISO Forum are now available to view on demand!
SecurityWeek
Researcher Conversations: Natalie Silvanovich From Google's Project Zero
SecurityWeek interview with Natalie Silvanovich, a member of Project Zero – an elite group of researchers employed by Google.
SecurityWeek
Podcast: Palo Alto Networks Talks IT/OT Convergence
In this podcast, SecurityWeek talks to Del Rodillas from Palo Alto Networks, about the integration of IT and OT in the ICS threat landscape.
SecurityWeek
Hacker Conversations: Runa Sandvik
SecurityWeek interviews Runa Sandvik, a cybersecurity researcher and focused on protecting journalists, defenders of human rights and lawyers.
SecurityWeek
Hacker Conversations: Stephanie ‘Snow’ Carruthers, Chief People Hacker at IBM X-Force Red
SecurityWeek interviews Stephanie Carruthers, Chief People Hacker at X-Force Red, IBM Security, about social engineering.
SecurityWeek
Video: Fireside Chat With Shane Huntley, Director at Google's Threat Analysis Group
Shane Huntley, Director of Google's TAG (Threat Analysis Group), joins SecurityWeek editor-at-large Ryan Naraine for a frank discussion on threat intelligence at SecurityWeek's 2022 Threat Intelligence Summit.
SecurityWeek
Black Hat USA 2022 - Announcements Summary
SecurityWeek is publishing a digest summarizing some of the announcements made by vendors at Black Hat USA 2022.
SecurityWeek
The Psychology of Ransomware Response
SecurityWeek spoke to Rebecca McKeown of Immersive Labs to understand the human psychology involved in responding to ransomware and how companies can better prepare the workforce
SecurityWeek
Hacker Conversations: Alex Ionescu
SecurityWeek talks to Alex Ionescu, a cybersecurity expert who combined a career as a business executive with that of a security researcher.
SecurityWeek
Hacker Conversations: HD Moore and the Line Between Black and White
SecurityWeek Hacker Conversations interview with HD Moore, best known as the founder and original developer of Metasploit.
SecurityWeek
Hacker Conversations: Rob Dyke on Legal Bullying of Good Faith Researchers
Hacker Conversations Interview: SecurityWeek talks to hacker Rob Dyke to discuss corporate legal bullying of good faith researchers
SecurityWeek
Security Experts Describe AI Technologies They Want to See
SecurityWeek interviews a wide spectrum of security experts on AI-driven cybersecurity use-cases that are worth immediate attention.
SecurityWeek
CISO Conversations: Field CISOs From VMware Carbon Black and NetSPI
SecurityWeek interviews Field CISOs, Fawaz Rasheed (VMware Carbon Black) and Nabil Hannan (NetSPI), about the emerging cybersecurity role.
SecurityWeek
CISO Conversations: Three Leading CISOs in the Modern Healthcare Sector
SecurityWeek discusses the role of cybersecurity leadership with three Chief Information Security Officers (CISOs) from the healthcare sector
SecurityWeek
Old, Inconspicuous Vulnerabilities Commonly Targeted in OT Scanning Activity
IBM data shows that old and inconspicuous vulnerabilities are commonly targeted in scanning activity seen in OT. SecurityWeek has talked to several experts to find out what this data means.
SecurityWeek
Hacker Conversations: Casey Ellis, Hacker and Ringmaster at Bugcrowd
SecurityWeek interviews Casey Ellis, founder, chairman and CTO at Bugcrowd, best known for operating bug bounty programs for organizations.
SecurityWeek
Ethical AI, Possibility or Pipe Dream?
SecurityWeek spoke with IBM's chief privacy officer (CPO) Christina Montgomery to seek a better understanding of the issues surrounding ethical artificial intelligence
SecurityWeek
CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)
SecurityWeek discusses the CISO role with CISOs from crowdsourced hacking firms: Nick McKenzie at Bugcrowd and Chris Evans at HackerOne.
SecurityWeek
CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector
SecurityWeek interviews two CISOs from the insurance sector: Jason Rebholz at Corvus Insurance and Jason Ozin at UK-based PIB Group.
SecurityWeek
CISO Conversations: The Legal Sector With Alyssa Miller at Epiq and Mark Walmsley at Freshfields
In this CISO Conversation, SecurityWeek talks to legal sector CISOs Alyssa Miller at Epiq and Mark Walmsley at Freshfields Bruckhaus Deringer
SecurityWeek
CISO Conversations: CISOs of Identity Giants IDEMIA and Ping
SecurityWeek talks to Dennis Kallelis (CSO at Idemia) and Jason Kees (CISO at Ping) to discuss the role of the modern CISO.
SecurityWeek
Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative
SecurityWeek interviews Kevin O’Connor, a high school hacker who went on to work for NSA. He is now director of threat research at Adlumin.
SecurityWeek
CISO Conversations: Talking Cybersecurity With LinkedIn's Geoff Belknap and Meta's Guy Rosen
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
SecurityWeek
Black Hat 2022: Ten Presentations Worth Your Time and Attention
SecurityWeek editors have combed the Black Hat USA 2022 agenda carefully and identified the top 10 sessions that will be making news headlines all week.
SecurityWeek
Microsoft's Security Chickens Have Come Home to Roost
SecurityWeek editor-at-large Ryan Naraine says findings of CSRB report on China's hack of Microsoft’s Exchange Online are no surprise.
SecurityWeek
The Potential and Pitfalls of a Federal Privacy Law
SecurityWeek talked to Mitzi Hill (partner at law firm Taylor English Duma) and Christina Montgomery (Chief Privacy Officer at IBM) to examine the merits and likelihood of a US federal privacy law.
SecurityWeek
Russia, Ukraine and the Danger of a Global Cyberwar
The big difference between the Russia of the USSR and the Russia of today has been the emergence of cyber as an accepted theater of war. It is this role of cyber that SecurityWeek discussed with Marcus Willett.
SecurityWeek
Predictions 2023: Big Tech’s Coming Security Shopping Spree
The SecurityWeek editorial team looks into the 2023 crystal ball and sees a surge in security acquisitions led by big-tech, a major ICS malware attack and a VC-backed startup ecosystem in a state of turmoil.
SecurityWeek
Predictions 2023: Big Tech's Coming Security Shopping Spree
The SecurityWeek editorial team looks into the 2023 crystal ball and sees a surge in security acquisitions led by big-tech, a major ICS malware attack and a VC-backed startup ecosystem in a state of turmoil.
SecurityWeek
The Art Exhibition That Fools Facial Recognition Systems
SecurityWeek has compiled a list of tools and other resources that can be useful for defenders concerned about the impact of the Log4Shell vulnerability on their organization.
SecurityWeek
Russia, Ukraine and the Danger of a Global Cyberwar
SecurityWeek has compiled a list of tools and other resources that can be useful for defenders concerned about the impact of the Log4Shell vulnerability on their organization.
SecurityWeek
Can Tech Visionary Elon Musk Spur Cybersecurity Innovation at Twitter?
SecurityWeek has compiled a list of tools and other resources that can be useful for defenders concerned about the impact of the Log4Shell vulnerability on their organization.
DataBreaches
Slovak, Polish Parliaments Hit by Cyberattacks
DataBreaches recently noted a news report that the Slovak parliament had to suspend voting due to a cyberattack. It wasn’t just the Slovak parliament,...
SecurityWeek
Today: 2022 CISO Forum Virtual Event
SecurityWeek's 2022 CISO Forum opens September 13th as a fully immersive virtual conference
SecurityWeek
MOVEit Hack: Number of Impacted Organizations Exceeds 340
The number of entities impacted by the MOVEit hack — either directly or indirectly — exceeds 340 organizations and 18 million individuals.
SecurityWeek
Beyond Identity Becomes Unicorn With $100 Million Series C Funding Round
Beyond Identity has achieved unicorn status after raising $100 million in a Series C funding round led by Evolution Equity Partners.
SecurityWeek
2021 Record Year for Cybersecurity M&A, Financing: Report
2021 was a record year for cybersecurity M&A and financing activity, according to financial advisory firm Momentum Cyber.
SecurityWeek
University of Minnesota Confirms Data Breach, Says Ransomware Not Involved
University of Minnesota confirms data was stolen from its systems, says no malware infection or file encryption has been identified.
SecurityWeek
Insurance Giant Lloyd's of London Investigating Cybersecurity Incident
Insurance giant Lloyd’s of London is investigating a cybersecurity incident that has forced it to disconnect some systems.
SecurityWeek
CISA Says Recent Cisco Router Vulnerabilities Exploited in Attacks
CISA has added 95 security holes to its Known Exploited Vulnerabilities Catalog, including more than 60 flaws affecting Cisco and Microsoft products.
SecurityWeek
OT Security Firm Warns of Safety Risks Posed by Alerton Building System Vulnerabilities
Potentially serious vulnerabilities have been found in a building management system made by Alerton, a brand of industrial giant Honeywell.
SecurityWeek
Ransomware Attack on DNV Ship Management Software Impacts 1,000 Vessels
Norway-based industrial risk management and assurance firm DNV said a recent ransomware attack on its ship management software impacted 1,000 vessels.
SecurityWeek
Ransomware Group Threatens to Leak Data Stolen From Security Firm Entrust
Hackers using the LockBit ransomware have taken credit for the attack on cybersecurity firm Entrust and they are threatening to leak stolen data.
SecurityWeek
FEMA Urges Patching of Emergency Alert Systems, But Some Flaws Remain Unfixed
FEMA has urged organizations to update their emergency alert systems to prevent hackers from issuing EAS alerts, but a researcher says there are no patches for some vulnerabilities.
SecurityWeek
Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption
Researcher shows how DLL hijacking vulnerabilities affecting most ransomware can be exploited to control and terminate the malware before it can encrypt files on compromised systems.
SecurityWeek
Over 100 Building Controllers in Russia Vulnerable to Remote Hacker Attacks
A researcher has found more than 100 building controllers located in Russia that can be hacked remotely from the internet, but he claims his goal is not to cause damage.
SecurityWeek
Cyber Security Takeover May Harm Competition: UK Regulator
NortonLifeLock's planned acquisition of Czech rival Avast for more than $8 billion risks harming competition and could face an in-depth probe, Britain's regulator warned.
SecurityWeek
Data Stolen in Breach at Security Company Entrust
Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files.
SecurityWeek
CISA Informs Organizations of Flaws in Unsupported Industrial Telecontrol Devices
CISA has informed organizations about several potentially serious vulnerabilities affecting IPCOMM ipDIO industrial telecontrol devices that are no longer supported.
SecurityWeek
Microsoft Dismisses False Reports About End of Patch Tuesday
Microsoft has dismissed reports about June 14 being the last Patch Tuesday, clarifying that the rollout of the Windows Autopatch service seems to be causing some confusion.
SecurityWeek
Cyberattack Causes Disruptions at Car Rental Giant Sixt
Sixt, a major car rental company that operates in more than 110 countries, has been targeted in a cyberattack that caused some temporary disruptions.
SecurityWeek
Beyond the Front Lines: How the Israel-Hamas War Impacts the Cybersecurity Industry
Israel's war with Hamas terrorists will inevitably absorb manpower and focus from the cybersecurity sector.
SecurityWeek
CISA Says 'HiveNightmare' Windows Vulnerability Exploited in Attacks
CISA has added 16 new CVEs to its list of known exploited vulnerabilities, including the Windows vulnerability tracked as HiveNightmare, SeriousSam and CVE-2021–36934.
SecurityWeek
University Project Cataloged 1,100 Ransomware Attacks on Critical Infrastructure
The Temple University project that tracks ransomware attacks on critical infrastructure has documented more than 1,100 incidents to date.
DataBreaches
‘JekyllBot:5’ Vulnerabilities Allow Remote Hacking of Hospital Robots
Eduard Kovacs reports: Cybersecurity researchers specializing in healthcare IoT systems have discovered five serious vulnerabilities that can be exploited to...
SecurityWeek
Water Tank Management System Used Worldwide Has Unpatched Security Hole
A Kingspan water tank management system used by organizations worldwide is affected by a critical vulnerability and the vendor does not appear to be willing to patch it.
SecurityWeek
VMware to Absorb Broadcom Security Solutions Following $61 Billion Deal
Broadcom announces acquisition of VMware for $61 billion in cash and stock, and VMware will absorb Broadcom’s security software solutions as part of the deal.
SecurityWeek
Swissport Investigating Ransomware Group's Data Leak Claims
Swissport is investigating claims by the BlackCat/ALPHV ransomware group that it has stolen over one terabyte of data from the company.
DataBreaches
Over 300,000 Internet-Exposed Databases Identified in 2021
Ionut Arghire reports: Cybersecurity firm Group-IB identified more than 91,000 publicly-exposed databases in the first quarter of 2022, significantly more than...
SecurityWeek
Backup Plays Key Role in Ransomware Response, But Not a Complete Solution
The ransomware model continues to evolve, and shows no sign of becoming less profitable for the criminals
SecurityWeek
CISA: Vulnerability in Delta Electronics ICS Software Exploited in Attacks
CISA has added 10 new flaws to its Known Exploited Vulnerabilities Catalog, including one affecting a discontinued Delta Electronics HMI software.
SecurityWeek
CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws
CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range.
SecurityWeek
Cyber Madness Bracket Challenge - Register to Play
SecurityWeek’s Cyber Madness Bracket Challenge brings the community together in a fun, competitive way through the NCAA basketball tournament
SecurityWeek
Many Critical Flaws Patched in Delta Electronics Energy Management System
At least 30 vulnerabilities have been found in the past year in the DIAEnergie industrial energy management system made by Delta Electronics.
SecurityWeek
Microsoft, Okta Investigating Data Theft Claims
The Lapsus$ hacker group claims to have stolen information, including source code and customer data, from Microsoft, LGE and Okta.
SecurityWeek
Hacker Selling Data Allegedly Stolen From Volvo Cars Following Ransomware Attack
A hacker is offering to sell data allegedly stolen from Volvo Cars following an Endurance ransomware attack.
SecurityWeek
45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation
Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks.
SecurityWeek
Over 30 Countries Take Part in NATO's 'Locked Shields 2022' Cyber Exercise
NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteen installment of Locked Shields, its annual live-fire cyber defense exercise.
SecurityWeek
Webinar Tomorrow: Exposing Common Myths of OT Cybersecurity
Webinar: By unveiling the realities of OT cybersecurity, we can cut through the noise and understand challenges associated with protecting critical infrastructure.
SecurityWeek
Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data
Shell confirms that employee personal information has been stolen after the Cl0p ransomware group leaked data
SecurityWeek
Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services
Microsoft PlayReady vulnerabilities that could allow rogue subscribers to illegally download movies from popular streaming services.
SecurityWeek
Webinar Tomorrow: Unpacking the Secure Supply Chain Consumption Framework (S2C2F)
Webinar: Learn how S2C2F can integrate with the SBOM to improve OSS hygiene and fulfill regulatory requirements and customer demands,
SecurityWeek
SecurityWeek's 2023 ICS Cybersecurity Conference Kicks Off in Atlanta
SecurityWeek’s 2023 ICS Cybersecurity Conference kicks off in Atlanta with presentations on a wide range of topics.
SecurityWeek
Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices
Several vulnerabilities found in Weintek Weincloud could have allowed hackers to manipulate and damage ICS, including PLCs and field devices.
SecurityWeek
Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks
Microsoft has released an out-of-band security update for Endpoint Configuration Manager to patch a vulnerability that could be useful to malicious actors for moving around in a network.
DataBreaches
Albanian IT Staff Charged With Negligence Over Cyberattack
AP reports: Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack...
SecurityWeek
Webinar Today: Applying a Zero Trust Framework to Employee Login Controls
Zero Trust webinar to address challenges and trends organizations face when adopting a zero-trust approach
SecurityWeek
Webinar Tomorrow: The Active Threat Landscape in the Cloud
Webinar provides an overview of active threats targeting common cloud deployments and what security teams can do to mitigate them.
SecurityWeek
Google Completes $5.4 Billion Acquisition of Mandiant
Google has completed its $5.4 billion all-cash acquisition of Mandiant (NASDAQ: MNDT). The deal was originally announced in March 2022.
SecurityWeek
Webinar Today: How to Reduce Cloud Identity Risk
Webinar will address the challenges and best practices for cybersecurity leaders managing cloud identities.
SecurityWeek
AtlasVPN to Patch IP Leak Vulnerability After Public Disclosure
AtlasVPN developers are working on a patch for an IP leak vulnerability after a researcher publicly disclosed the flaw due to being ignored.
SecurityWeek
Cybersecurity M&A Roundup for First Half of September 2023
A dozen cybersecurity-related merger and acquisition M&A deals were announced in the first half of September 2023.
SecurityWeek
Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue
Some Cisco Secure Email Gateway filters can be bypassed using specially crafted emails, which Cisco says is caused by an issue with McAfee and Sophos malware scanners.
SecurityWeek
Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis
Omron has patched PLC and engineering software vulnerabilities discovered by Dragos during the analysis of ICS malware.
SecurityWeek
Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest
Google has patched several high and moderate-severity Chromecast vulnerabilities demonstrated earlier this year at a hacking competition.
SecurityWeek
Webinar Today: Protect the Software Supply Chain, Eliminate Risks in Code
Webinar will help developers and security teams discover how to detect secrets in code and rectify other critical code related risks
SecurityWeek
ThreatLocker Raises $100 Million for Zero Trust Endpoint Security Solution
Zero Trust endpoint security provider ThreatLocker this week announced that it has raised $100 million in Series C funding, which brings the total investment in the company to $124.4 million.
Loading more articles....