SecurityWeek18h
CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
SecurityWeek15h
US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
SecurityWeek1d
1,400 GitLab Servers Impacted by Exploited Vulnerability
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched ...
SecurityWeek1d
Russian Hackers Target Industrial Systems in North America, Europe
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
SecurityWeek2d
CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent ...
SecurityWeek1d
Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round
A new Silicon Valley startup called Mimic comes out of the shadows with a hefty $27 million seed round led by Ballistic ...
SecurityWeek2d
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
Chinese cybersecurity firm QAX XLab uncovered an Android trojan that hides its command-and-control server behind compromised ...
SecurityWeek1d
Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm
Police say a principal from a Maryland high school was framed as racist by a fake recording of his voice using AI-based ...
SecurityWeek1d
White House Issues National Security Memorandum for Critical Infrastructure
The White House has published a national security memorandum focusing on critical infrastructure security and resilience. The ...
SecurityWeek2d
Adobe Adds Content Credentials and Firefly to Bug Bounty Program
Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials ...
SecurityWeek4d
Should Cybersecurity Leadership Finally be Professionalized?
Professionalization could be a solution to the increased cybersecurity risk for corporate and national security; and the ...
SecurityWeek3d
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee ...