SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. A cyberespionage group active since at least 2019 started exploiting ProxyLogon one day after the Microsoft Exchange vulnerability was publicly disclosed, ESET security researchers say.

    read more

  2. Financially motivated threat actors have started using new code signing tricks to increase the chances of their software evading detection on Windows systems, Google’s Threat Analysis Group reported on Thursday.

    read more

  3. SonicWall has published a security advisory and a security notice to inform customers about a critical vulnerability affecting some of its Secure Mobile Access (SMA) appliances.

    read more

  4. South Korean electronics giant LG Electronics on Thursday announced plans to acquire Israel-based automotive cybersecurity company Cybellum for roughly $240 million.

    read more

  5. The United States Cybersecurity and Infrastructure Security Agency (CISA) on Thursday announced that it’s asking for public feedback on new IPv6 guidance for federal agencies.

    read more

  6. A major U.S. port was the target last month of suspected nation-state hackers, according to officials.

    The Port of Houston, a critical piece of infrastructure along the Gulf Coast, issued a statement Thursday saying it had successfully defended against an attempted hack in August and “no operational data or systems were impacted.”

    read more

  7. Cloud application and security solutions provider F5 this week announced that it has agreed to acquire threat detection firm Threat Stack for $68 million in cash. 

    Threat Stack provides a platform that monitors cloud, hybrid cloud, multi-cloud, and containerized environments, and can automatically correlate events to identify suspicious activity.

    read more

  8. Over the past year, two things have become clear. First, the network infrastructure organizations need to operate in today’s increasingly digital world will continue to evolve. And second, rather than “returning to normal,” the future will be even more fragmented than ever. Users will need faster access to a growing number of applications and resources deployed across an increasingly distributed infrastructure. Those applications will continue to deliver richer and more complex data.

    read more

  9. Apple on Thursday confirmed a new zero-day exploit hitting older iPhones and warned that the security vulnerability also affects the macOS Catalina platform.

    read more

  10. Cyber insurance is a new branch of an old industry. That industry has centuries of experience in insuring shipping and a hundred or more years of insuring motor cars -- but only a few decades of cyber knowledge. It has comparatively little knowledge of either cyber risk or the financial insurance risk – and nobody yet knows where this new journey will take it.

    read more

  11. Client-side web security provider Jscrambler on Thursday announced that a $15 million Series A financing round led by Ace Capital Partners. Existing investors Sonae IM and Portugal Ventures also participated.

    read more

  12. A U.S.-based private cybersecurity company said Wednesday it has uncovered evidence that an Indian media conglomerate, a police department and the agency responsible for the country’s national identification database have been hacked, likely by a state-sponsored Chinese group.

    read more

  13. Apple this week announced that it has deprecated the Transport Layer Security (TLS) 1.0 and 1.1 legacy encryption protocols from the latest iterations of its mobile and desktop platforms.

    Critical for the security of web traffic, TLS ensures the confidentiality and integrity of data being transmitted between servers and clients.

    read more

  14. Third-party risk management solutions provider Panorays on Thursday announced raising $42 million in a Series B funding round.

    read more

  15. Cisco this week announced the availability of patches for a series of critical vulnerabilities in IOS XE software that could be exploited to execute arbitrary code remotely, cause denial of service, or manipulate device configuration.

    read more

  16. The internet is already being scanned for VMware vCenter servers affected by CVE-2021-22005, a critical vulnerability for which the virtualization giant announced patches just a couple of days ago.

    read more

  17. Threat actors have targeted Russian government organizations with malicious documents designed to exploit the recently patched MSHTML zero-day flaw in Microsoft Office, security researchers with Malwarebytes reveal.

    read more

  18. Facebook said Wednesday that Apple's iPhone privacy changes, which allow users to block tracking, significantly affected its advertising revenues because less data could be collected.

    read more

  19. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA have issued a joint alert to warn organizations about an increase in cyberattacks involving the Conti ransomware. The alert comes just as another major farming cooperative confirmed being hit by ransomware.

    read more

  20. Lithuanian cybersecurity experts are urging the country’s government agencies to abandon the use of Chinese smartphone brands after an investigation identified security vulnerabilities and censorship concerns with certain devices.

    read more

Website Copyright 1998-2021 by PCBest. All Rights Reserved.
we accept credit cards