SecurityWeek

Latest IT Security News and Expert Insights Via RSS Feed
  1. Southampton County in Virginia last week started informing individuals that their personal information might have been compromised in a ransomware attack.

    The incident was identified in September, when a threat actor accessed a server at Southampton and encrypted the data that was stored on it.

    read more

  2. Vulnerability researchers at Google Project Zero are calling attention to the ongoing “patch-gap” problem in the Android ecosystem, warning that downstream vendors continue to be tardy at delivering security fixes to Android-powered devices.

    read more

  3. Ireland's data regulator on Monday slapped Facebook owner Meta with a 265-million-euro ($275-million) fine after details of more than half a billion users were leaked on a hacking website.

    read more

  4. A hack-for-hire group known as Bahamut has been targeting Android users with trojanized versions of legitimate VPN applications, ESET reports.

    read more

  5. Interpol on Friday announced the arrest of ten individuals suspected of participation in $800,000 scam and fraud operations with global impact.

    read more

  6. A massive Twitter data breach disclosed a few months ago appears to be bigger than initially reported.

    read more

  7. Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow remote attackers to inject arbitrary commands, bypass existing security protections, or perform cross-site scripting (XSS) attacks.

    read more

  8. An emergency Chrome update that Google announced on Thanksgiving Day addresses an actively exploited zero-day in the popular browser.

    read more

  9. Huawei, ZTE Banned by FCC

    US authorities announced a ban Friday on the import or sale of communications equipment deemed "an unacceptable risk to national security" -- including gear from Chinese giants Huawei Technologies and ZTE.

    read more

  10. The European Parliament website was hit by a cyberattack claimed by pro-Russian hackers Wednesday shortly after lawmakers approved a resolution calling Moscow a "state sponsor of terrorism".

    read more

  11. Security researchers at Proofpoint are calling attention to the discovery of a commercial red-teaming tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors.

    read more

  12. A cross-tenant vulnerability in Amazon Web Services (AWS) could have allowed attackers to abuse AWS AppSync to gain access to resources in an organization’s account.

    read more

  13. Facebook parent Meta has tied a recent influence operation powered by tens of accounts, pages and groups to the United States military.

    read more

  14. Microsoft is warning organizations about the risks associated with the discontinued Boa web server after vulnerabilities affecting the software were apparently exploited by threat actors in an operation aimed at the energy sector.

    read more

  15. The US Cybersecurity and Infrastructure Security Agency (CISA) this week announced the addition of new tools and guidance to the Infrastructure Resilience Planning Framework (IRPF).

    read more

  16. Aurora, a multi-purpose botnet being advertised on underground forums since April, has been adopted by multiple cybercriminals over the past few months, cybersecurity firm Sekoia.io reports.

    read more

  17. Threat detection firm CloudSEK has identified thousands of applications leaking Algolia API keys, and tens of applications with hardcoded admin secrets, which could allow attackers to steal the data of millions of users.

    read more

  18. Researchers at industrial cybersecurity firm Nozomi Networks have discovered more than a dozen vulnerabilities in baseboard management controller (BMC) firmware.

    read more

  19. The Ducktail information stealer has been updated with new capabilities and the threat actors that use it have been expanding their operation, according to WithSecure, formerly known as F-Secure Business.

    read more

  20. Last month, CISA released cross-sector cybersecurity performance goals (CPGs) in response to President Biden’s 2021 National Security Memorandum on improving cybersecurity for critical infrastructure control systems.

    read more

Website Copyright 1998-2022 by PCBest. All Rights Reserved.
we accept credit cards