SecurityWeek
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement
Xerox released security updates to resolve pass-back attack vulnerabilities in Versalink multifunction printers.
The post Xerox Versalink Printer Vulnerabilities Enable Lateral Movement appeared first on SecurityWeek.
Industry Moves for the week of February 17, 2025 - SecurityWeek
SailPoint IPO Signals Bright Spot for Cybersecurity
In a signal move for the cybersecurity sector, identity and access management (IAM) vendor SailPoint has made its return to public markets.
The post SailPoint IPO Signals Bright Spot for Cybersecurity appeared first on SecurityWeek.
Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems
The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of is computer systems were offline.
The post Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems appeared first on SecurityWeek.
Sean Cairncross is Trump Nominee for National Cyber Director
Former RNC official Sean Cairncross has been nominated for the post of National Cyber Director to streamline the US cybersecurity strategy.
The post Sean Cairncross is Trump Nominee for National Cyber Director appeared first on SecurityWeek.
Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition
In the latest edition of “Rising Tides” we talk with Lesley Carhart, Technical Director of Incident Response at Dragos.
The post Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition appeared first on SecurityWeek.
Meta Paid Out Over $2.3 Million in Bug Bounties in 2024
Meta received close to 10,000 vulnerability reports and paid out over $2.3 million in bug bounty rewards in 2024.
The post Meta Paid Out Over $2.3 Million in Bug Bounties in 2024 appeared first on SecurityWeek.
In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool
Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool.
The post In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool appeared first on SecurityWeek.
SonicWall Firewall Vulnerability Exploited After PoC Publication
The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published.
The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek.
Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad.
The post Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks appeared first on SecurityWeek.
New Windows Zero-Day Exploited by Chinese APT: Security Firm
ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.
The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek.
SGNL Raises $30 Million for Identity Management Solution
Identity management provider SGNL has raised $30 million in a Series A funding round led by Brightmind Partners.
The post SGNL Raises $30 Million for Identity Management Solution appeared first on SecurityWeek.
Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.
The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek.
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.
The post Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation appeared first on SecurityWeek.
Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors
Poland is being targeted by various forms of cyberattacks and sabotage actions believed to be sponsored by Russia.
The post Google Hub in Poland to Develop AI Use in Energy and Cybersecurity Sectors appeared first on SecurityWeek.
Circuit Board Maker Unimicron Targeted in Ransomware Attack
The Sarcoma ransomware group is threatening to leak data stolen from Taiwanese printed circuit board manufacturer Unimicron.
The post Circuit Board Maker Unimicron Targeted in Ransomware Attack appeared first on SecurityWeek.
CyberArk Expands Identity Security Play with $165M Acquisition of Zilla Security
CyberArk acquires early stage Boston startup Zilla Security for $165M, expanding its identity security and IGA capabilities.
The post CyberArk Expands Identity Security Play with $165M Acquisition of Zilla Security appeared first on SecurityWeek.
DeepSeek Exposes Major Cybersecurity Blind Spot
Millions of uninformed users have flocked to DeepSeek and share personal information without considering security or privacy risks.
The post DeepSeek Exposes Major Cybersecurity Blind Spot appeared first on SecurityWeek.
Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job
A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.
The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.
SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024
An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.
The post SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024 appeared first on SecurityWeek.