Category: securityweek

French organizers said “the summit aims at promoting an ambitious French and European AI strategy” as advances in the sector have been led by the U.S. and China. The post Trump’s AI Ambition and China’s DeepSeek Overshadow an AI Summit…

Read more →

A critical vulnerability found in Orthanc servers can pose a serious risk to medical data and healthcare operations. The post Orthanc Server Vulnerability Poses Risk to Medical Data, Healthcare Operations appeared first on SecurityWeek. This article has been indexed from…

Read more →

HPE is notifying an unknown number of individuals that Russian hackers accessed their personal information in a December 2023 attack. The post HPE Says Personal Information Stolen in 2023 Russian Hack appeared first on SecurityWeek. This article has been indexed…

Read more →

Memorial Hospital and Manor says 120,000 people had their personal information stolen in a November 2024 ransomware attack. The post Information of 120,000 Stolen in Ransomware Attack on Georgia Hospital appeared first on SecurityWeek. This article has been indexed from…

Read more →

News analysis: The big AI platforms are emerging as frontline early warning systems, detecting nation-state hackers at the outset of their campaigns. Can this help save the threat intel industry? The post Can AI Early Warning Systems Reboot the Threat…

Read more →

Explore industry moves and significant changes in the industry for the week of February 10, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

SolarWinds will become a privately held company following its acquisition by Turn/River Capital for $4.4 billion in cash.  The post SolarWinds Taken Private in $4.4 Billion Turn/River Capital Acquisition appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

ThreatMate has raised $3.2 million in seed funding for its AI-powered attack surface management solution for MSPs. The post ThreatMate Raises $3.2 Million for Attack Surface Management Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Noteworthy stories that might have slipped under the radar: NanoLock Security ceases operations, NSO publishes transparency report, cybersecurity salaries data.   The post In Other News: Cybersecurity Salaries, NanoLock Collapse, NSO Transparency Report appeared first on SecurityWeek. This article has been…

Read more →

Hospital Sisters Health System says the personal information of 883,000 individuals was compromised in a 2023 crippling cyberattack. The post Information of 883,000 Stolen in Crippling Attack on Hospital Sisters Health System appeared first on SecurityWeek. This article has been…

Read more →

UK engineering firm IMI says it suffered a cyberattack that resulted in unauthorized access to some of its systems. The post UK Engineering Giant IMI Hit by Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

University Diagnostic Medical Imaging and Allegheny Health Network have disclosed data breaches impacting approximately 430,000 patients. The post 430,000 Impacted by Data Breaches at New York, Pennsylvania Healthcare Organizations appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. The post Trimble Cityworks Customers Warned of Zero-Day Exploitation appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

A bipartisan duo in the the U.S. House is proposing legislation to ban the Chinese artificial intelligence app DeepSeek from federal devices. The post House Lawmakers Push to Ban AI App DeepSeek From US Government Devices appeared first on SecurityWeek.…

Read more →

Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications. The post 1,000 Apps Used in Malicious Campaign Targeting Android Users in India appeared first on SecurityWeek.…

Read more →

Astra Security and Invary have received new funding to fuel development of their vulnerability scanning and runtime security solutions. The post Astra, Invary Raise Millions for AI-Powered Pentesting, Runtime Security appeared first on SecurityWeek. This article has been indexed from…

Read more →

Spanish authorities have arrested an individual who allegedly hacked several high-profile organizations, including NATO and the US army. The post Hacker Who Targeted NATO, US Army Arrested in Spain appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Five Eyes cybersecurity agencies have released guidance on securing edge devices against increasing threats. The post Five Eyes Agencies Release Guidance on Securing Edge Devices appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

The blame of security incidents may be shared—but the burden of response always falls on the security team. Here’s how to prepare for the inevitable. The post Security Teams Pay the Price: The Unfair Reality of Cyber Incidents appeared first…

Read more →

Critical vulnerabilities in Cisco Identity Services Engine could lead to elevation of privileges and  system configuration modifications. The post Cisco Patches Critical Vulnerabilities in Enterprise Management Product appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks. The post 7AI Launches With $36 Million in Seed Funding for Agentic Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

7AI has launched an agentic security platform, which uses AI agents to handle repetitive tasks, and raised $36 million in seed funding. The post 7AI Raises $36 Million in Seed Funding for Agentic Security Platform appeared first on SecurityWeek. This…

Read more →

San Francisco application security startup raises $100 million in a Series D funding round led by Menlo Ventures.  The post Semgrep Raises $100M for AI-Powered Code Security Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

With each passing year, social engineering attacks are becoming bigger and bolder thanks to rapid advancements in artificial intelligence. The post How Agentic AI will be Weaponized for Social Engineering Attacks appeared first on SecurityWeek. This article has been indexed…

Read more →

Explore industry moves and significant changes in the industry for the week of February 3, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

David Kennedy is a hacker. There is no doubt about that. He has qualities common among hackers, but also many differences. The post Hacker Conversations: David Kennedy – an Atypical Typical Hacker appeared first on SecurityWeek. This article has been…

Read more →

Just as OT technology differs from IT technology, the threats, likely adversaries, and potential harm also differ. The post Cyber Insights 2025: OT Security appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Cyber…

Read more →

A significant number of cybersecurity-related merger and acquisition (M&A) deals announced in January 2025.  The post Cybersecurity M&A Roundup: 45 Deals Announced in January 2025 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

Riot has raised $30 million in Series B funding for a platform that helps employees improve their cybersecurity posture. The post Riot Raises $30 Million for Employee Cybersecurity Solution appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Russian threat groups have been observed exploiting a zero-day vulnerability in 7-Zip against Ukrainian entities. The post Russian Hackers Exploited 7-Zip Zero-Day Against Ukraine appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Russian…

Read more →

Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Chrome…

Read more →

Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post Webinar Today: Defenders on the Frontline – Incident Response and Threat Intel Under the Microscope  appeared…

Read more →

CISA has added CVE-2024-29059, a flaw affecting Microsoft .NET, to its Known Exploited Vulnerabilities catalog. The post CISA Issues Exploitation Warning for .NET Vulnerability appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: CISA…

Read more →

Multiple Zyxel legacy DSL CPE products are affected by exploited zero-day vulnerabilities that will not be patched. The post Zyxel Issues ‘No Patch’ Warning for Exploited Zero-Days appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Sophos has completed its $859 million all-cash acquisition of SecureWorks. The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Sophos Completes Acquisition of Secureworks

Read more →

The number of vulnerabilities first reported as exploited surged last year amid a decrease in zero-day reports. The post Exploitation of Over 700 Vulnerabilities Came to Light in 2024 appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

AMD has released patches for a microprocessor vulnerability found by Google that could allow an attacker to load malicious microcode. The post AMD Patches CPU Vulnerability That Could Break Confidential Computing Protections appeared first on SecurityWeek. This article has been…

Read more →

AMD has released patches for a microprocessor vulnerability that could allow an attacker to load malicious microcode. The post AMD Patches CPU Vulnerability Found by Google appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers. The post Personal Information Compromised in GrubHub Data Breach appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. The post Cyber Insights 2025: The CISO Outlook appeared first…

Read more →

The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. The post Vulnerability Patched in Android Possibly Exploited by Forensic Tools appeared first on SecurityWeek. This article has been indexed…

Read more →

DeepSeek’s susceptibility to jailbreaks has been compared by Cisco to other popular AI models, including from Meta, OpenAI and Google. The post DeepSeek Compared to ChatGPT, Gemini in AI Jailbreak Test appeared first on SecurityWeek. This article has been indexed…

Read more →

Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities enterprise software product. The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on SecurityWeek. This article has been indexed…

Read more →

2025 is an important year – it is probably our last chance to start our migration to post quantum cryptography before we are all undone by cryptographically relevant quantum computers. The post Cyber Insights 2025: Quantum and the Threat to…

Read more →

Hundreds of thousands have been impacted by data breaches at Asheville Eye Associates and Delta County Memorial Hospital District. The post Hundreds of Thousands Hit by Data Breaches at Healthcare Firms in Colorado, North Carolina appeared first on SecurityWeek. This…

Read more →

A threat actor has infected Casio UK’s website with a web skimmer on all pages, except the typical checkout page. The post Casio Website Infected With Skimmer  appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals. The post Insurance Company Globe Life Notifying 850,000 People of Data Breach appeared first on SecurityWeek. This article has been indexed from…

Read more →

Explore industry moves and significant changes in the industry for the week of February 3, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

Community Health Center, Inc. says hackers stole the personal and health information of over one million individuals. The post 1 Million Impacted by Data Breach at Connecticut Healthcare Provider appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

“Texas will not allow the Chinese Communist Party to infiltrate our state’s critical infrastructure through data-harvesting AI and social media apps,” Abbott said. The post Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices appeared first on SecurityWeek. This…

Read more →

Noteworthy stories that might have slipped under the radar: stealing browser data via Syncjacking, hackers falsely claim AWS breach, Google prevented 2 million bad apps from reaching Google Play.  The post In Other News: Browser Syncjacking, Fake AWS Hack, Google…

Read more →

Italy’s data protection authority expressed dissatisfaction with DeepSeek’s response to its query about what personal data is collected, where it is stored and how users are notified. The post Italy Blocks Access to the Chinese AI Application DeepSeek to Protect…

Read more →

US and Dutch authorities seized 39 domains to disrupt a network of hacking and fraud marketplaces operated by Saim Raza. The post US, Dutch Authorities Disrupt Pakistani Hacking Shop Network appeared first on SecurityWeek. This article has been indexed from…

Read more →

Two individuals have been arrested and one alleged admin has been charged in the takedown of the Nulled and Cracked cybercrime forums. The post 2 Arrested in Takedown of Nulled, Cracked Hacking Forums appeared first on SecurityWeek. This article has…

Read more →

New York Blood Center Enterprises and its operating divisions have taken systems offline to contain a ransomware attack. The post New York Blood Bank Hit by Ransomware appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

CISA and FDA say Contec patient monitors used in the US contain a backdoor function that could allow remote attackers to tamper with the device. The post CISA, FDA Warn of Dangerous Backdoor in Contec Patient Monitors appeared first on…

Read more →

Different research teams have demonstrated jailbreaks against ChatGPT, DeepSeek, and Alibaba’s Qwen AI models.  The post ChatGPT, DeepSeek Vulnerable to AI Jailbreaks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: ChatGPT, DeepSeek Vulnerable…

Read more →

NorthBay Health says hackers stole the personal information of 569,000 individuals in a 2024 ransomware attack. The post NorthBay Health Data Breach Impacts 569,000 Individuals appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

Clutch Security has raised $20 million in a Series A funding round led by SignalFire to secure non-human identities. The post Clutch Security Raises $20 Million for Non-Human Identity Protection Platform appeared first on SecurityWeek. This article has been indexed…

Read more →

What challenges will the new administration face and what might President Trump’s record on cybersecurity indicate about the likely approach in 2025 and beyond? The post Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape appeared first on SecurityWeek.…

Read more →

The lawsuit said that the combination of businesses would eliminate competition, raise prices and reduce innovation. The post Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise appeared first on SecurityWeek. This article has been indexed…

Read more →

VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products. The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek. This article has been indexed…

Read more →

Backed by SYN Ventures, Conifers.ai plans to use “agentic AI” technology to tackle complex security operations center (SOC) problems. The post Conifers.ai Scores $25M Investment for Agentic AI SOC Technology appeared first on SecurityWeek. This article has been indexed from…

Read more →

Valence Security and Endor Labs have introduced extensions to their existing platforms specifically to tackle the invisibility and wrongful use of Shadow AI. The post Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats appeared…

Read more →

Backline has emerged from stealth mode with an autonomous security remediation platform and $9 million in seed funding. The post Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform appeared first on SecurityWeek. This article has been…

Read more →

Better risk management could lead to reduced premiums on top of value for money, making cyberinsurance a silent driver for improved cybersecurity. The post Cyber Insights 2025: Cyberinsurance – The Debate Continues appeared first on SecurityWeek. This article has been…

Read more →

Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders. The post Seraphic Attracts $29M Investment to Chase Enterprise Browser Business appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

President Donald Trump has yet to name anyone to lead the U.S. Cybersecurity and Infrastructure Security. The post US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration appeared first on SecurityWeek. This article has been indexed…

Read more →

TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows. The post TeamViewer Patches High-Severity Vulnerability in Windows Applications appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Maryland healthcare provider Frederick Health has taken some of its systems offline in response to a ransomware attack. The post Frederick Health Hit by Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Law firm Berman & Rabin says 152,000 people are impacted by a data breach resulting from a July 2024 ransomware attack. The post 152,000 Impacted by Data Breach at Berman & Rabin appeared first on SecurityWeek. This article has been…

Read more →

An unprotected database belonging to Chinese AI company DeepSeek exposed highly sensitive information, including chat history, secret keys, and backend data. The post Unprotected DeepSeek Database Exposed Chats, Other Sensitive Information appeared first on SecurityWeek. This article has been indexed…

Read more →

GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. The post New Zyxel Zero-Day Under Attack, No Patch Available appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

Oligo Security has raised $50 million in Series B funding for its application detection and response (ADR) platform. The post Oligo Raises $50M to Tackle Application Detection and Response appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

New CPU side-channel attacks named SLAP and FLOP can be exploited to remotely steal data from Apple mobile and desktop devices.  The post New SLAP and FLOP CPU Attacks Expose Data From Apple Computers, Phones appeared first on SecurityWeek. This…

Read more →

The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists. The post Aquabot Botnet Targeting Vulnerable Mitel Phones appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Engineering firm Smiths Group has disclosed a cyberattack that forced it to take some systems offline and activate business continuity plans. The post Smiths Group Scrambling to Restore Systems Following Cyberattack appeared first on SecurityWeek. This article has been indexed…

Read more →

Rockwell Automation has released six new security advisories to inform customers about several critical and high-severity vulnerabilities. The post Rockwell Patches Critical, High-Severity Vulnerabilities in Several Products appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Threat actors have been exploiting SimpleHelp remote access software shortly after the disclosure of three vulnerabilities. The post SimpleHelp Remote Access Software Exploited in Attacks appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

Frenos, a company that has developed an autonomous OT security assessment platform, has raised $3.88 million in seed funding.  The post Frenos Raises $3.88M in Seed Funding for OT Security Assessment Platform appeared first on SecurityWeek. This article has been…

Read more →

VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access. The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.…

Read more →

The investment includes equity and debt from new investors Qualcomm Ventures, Pavilion Capital, Singtel Innov8, and Sixty Degree Capital.  The post Eclypsium Eyes Global Expansion with $45 Million Series C Investment appeared first on SecurityWeek. This article has been indexed…

Read more →

Hackers stole more than $85 million in crypto assets from hot wallets at cryptocurrency exchange Phemex. The post Hackers Drain Over $85 Million From Crypto Exchange Phemex appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

The European Union has added three Russian nationals to its sanctions list for their involvement in cyberattacks against Estonia. The post European Union Sanctions Russian Nationals for Hacking Estonia appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

China’s DeepSeek blamed sign-up disruptions on a cyberattack as researchers started finding vulnerabilities in the R1 AI model.  The post DeepSeek Blames Disruption on Cyberattack as Vulnerabilities Emerge appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

ENGlobal has informed the SEC that personal information was compromised in a November 2024 ransomware attack. The post ENGlobal Says Personal Information Accessed in Ransomware Attack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

SonicWall has confirmed that an SMA 1000 zero-day tracked as CVE-2025-23006 has been exploited in the wild. The post SonicWall Confirms Exploitation of New SMA Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Apple has released fixes for dozens of vulnerabilities in its mobile and desktop products, including an iOS zero-day exploited in attacks. The post Apple Patches First Exploited iOS Zero-Day of 2025 appeared first on SecurityWeek. This article has been indexed…

Read more →

UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it. The post TalkTalk Confirms Data Breach, Downplays Impact appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Cybersecurity regulations are facing a tipping point. There are too many and they are too complex to manage – and it’s getting worse. The post Cyber Insights 2025: Cybersecurity Regulatory Mayhem appeared first on SecurityWeek. This article has been indexed…

Read more →

Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true genuine OSS SAST tool. The post Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST appeared first on SecurityWeek. This article has been…

Read more →

Industrial automation protocols continue to be the most targeted in OT attacks, but building automation systems have been increasingly targeted.  The post Building Automation Protocols Increasingly Targeted in OT Attacks: Report appeared first on SecurityWeek. This article has been indexed…

Read more →

Vulnerabilities in Git’s credential retrieval protocol could have allowed attackers to compromise user credentials. The post Git Vulnerabilities Led to Credentials Exposure appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Git Vulnerabilities Led…

Read more →

Explore industry moves and significant changes in the industry for the week of January 27, 2025. Stay updated with the latest industry trends and shifts. This article has been indexed from SecurityWeek Read the original article: Industry Moves for the…

Read more →

The impact of the Change Healthcare ransomware-caused data breach has increased from 100 million to 190 million individuals. The post Change Healthcare Data Breach Impact Grows to 190 Million Individuals appeared first on SecurityWeek. This article has been indexed from…

Read more →

A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts. The post Subaru Starlink Vulnerability Exposed Cars to Remote Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

North Korean fake IT workers are more aggressively extorting their employers in response to law enforcement actions. The post North Korean Fake IT Workers More Aggressively Extorting Enterprises appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to North Korea. The post US Charges Five People Over North Korean IT Worker Scheme appeared first on SecurityWeek. This article has…

Read more →

CISA has added the JQuery flaw CVE-2020-11023, previously linked to APT1, to its Known Exploited Vulnerabilities (KEV) catalog.   The post CISA Warns of Old jQuery Vulnerability Linked to Chinese APT appeared first on SecurityWeek. This article has been indexed from…

Read more →

Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect ourselves from social engineering. The post Cyber Insights 2025: Social Engineering Gets AI Wings appeared first…

Read more →