Security Week

Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.

The post Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit  appeared first on SecurityWeek.

PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures. 

The post Critical PuTTY Vulnerability Allows Secret Key Recovery appeared first on SecurityWeek.

Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million.

The post Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million appeared first on SecurityWeek.

Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools.

The post Cloud Users Warned of Data Exposure Risk From Command-Line Tools appeared first on SecurityWeek.

Kevin O’Connor knew he was a hacker by the time he was in Middle School. He went on to work for the NSA and is now director of threat research at Adlumin.

The post Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative appeared first on SecurityWeek.

The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024.

The post Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare appeared first on SecurityWeek.

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves.

The post You Against the World: The Offenders Dilemma appeared first on SecurityWeek.

Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group.

The post Omni Hotels Says Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.

PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who found the flaw.

The post Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt appeared first on SecurityWeek.

Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks.

The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on SecurityWeek.

NightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding.

The post NightVision Raises $5.4 Million for Application Security Testing appeared first on SecurityWeek.

The Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident.

The post Ransomware Group Claims Theft of Data From Chipmaker Nexperia  appeared first on SecurityWeek.

Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products.

The post Juniper Networks Publishes Dozens of New Security Advisories appeared first on SecurityWeek.

ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm.

The post Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure appeared first on SecurityWeek.

Authorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT.

The post Two People Arrested in Australia and US for Development and Sale of Hive RAT appeared first on SecurityWeek.

Former security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges.

The post Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges appeared first on SecurityWeek.

Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. 

The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge appeared first on SecurityWeek.

The bill was approved on a bipartisan basis, 273-147, though it will still have to clear the Senate to become law.

The post House Passes Reauthorization of Key US Surveillance Program After Days of Upheaval Over Changes appeared first on SecurityWeek.

A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.

The post State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls appeared first on SecurityWeek.

Financial terms of the translation were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.

The post Wiz Acquires Gem Security, Pushes Security Tools Consolidation appeared first on SecurityWeek.