SecurityWeek7h
US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
SecurityWeek10h
CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
SecurityWeek1d
Russian Hackers Target Industrial Systems in North America, Europe
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
SecurityWeek2d
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
Chinese cybersecurity firm QAX XLab uncovered an Android trojan that hides its command-and-control server behind compromised ...
SecurityWeek2d
CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent ...
SecurityWeek1d
1,400 GitLab Servers Impacted by Exploited Vulnerability
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched ...
SecurityWeek1d
Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round
A new Silicon Valley startup called Mimic comes out of the shadows with a hefty $27 million seed round led by Ballistic ...
SecurityWeek1d
Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm
Police say a principal from a Maryland high school was framed as racist by a fake recording of his voice using AI-based ...
SecurityWeek22h
White House Issues National Security Memorandum for Critical Infrastructure
The White House has published a national security memorandum focusing on critical infrastructure security and resilience. The ...
SecurityWeek2d
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee ...
SecurityWeek2d
Adobe Adds Content Credentials and Firefly to Bug Bounty Program
Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials ...
SecurityWeek3d
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
Microsoft Copilot provides an easy and logical first step into GenAI for many organizations, but beware of the privacy ...