Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued advisories detailing two unpatched vulnerabilities in Enphase products. An...
Read more →Category: SecurityWeek
DOJ Launches Cyber Unit to Prosecute Nation-State Threat Actors
The United States Department of Justice (DOJ) has created a new litigating section to increase its ability to disrupt and...
Read more →
Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?
Like all major applications, Google’s Chrome suffers from vulnerabilities. During 2022, SecurityWeek reported on 456 vulnerabilities (averaging 38 per month),...
Read more →
Biden Discusses Risks and Promises of Artificial Intelligence With Tech Leaders in San Francisco
President Joe Biden convened a group of technology leaders on Tuesday to debate what he called the “risks and enormous...
Read more →
VMware Confirms Live Exploits Hitting Just-Patched Security Flaw
Less than two weeks after shipping urgent patches to cover security defects in its Aria Operations for Networks product, VMware...
Read more →
Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps
Researchers at security startup Descope have discovered a major misconfiguration in Microsoft Azure AD OAuth applications and warned that any...
Read more →
Russian APT Group Caught Hacking Roundcube Email Servers
A prolific APT group linked to the Russian government has been caught exploiting security flaws in the open-source Roundcube webmail...
Read more →
Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack
Gen Digital (NASDAQ: GEN), the company behind known cybersecurity brands such as Avast, Avira, AVG, Norton, and LifeLock, has confirmed...
Read more →
New ‘RDStealer’ Malware Targets RDP Connections
A state-sponsored espionage campaign is leveraging new custom malware to monitor incoming remote desktop protocol (RDP) connections and infect connecting...
Read more →
OT:Icefall: Vulnerabilities Identified in Wago Controllers
Forescout Technologies has disclosed the details of three vulnerabilities impacting operational technology (OT) products from Wago and Schneider Electric. The...
Read more →
Fulfilling Expected SEC Requirements for Cybersecurity Expertise at Board Level
The U.S. Securities and Exchange Commission (SEC) is expected to introduce a rule requiring demonstration of cybersecurity expertise at the...
Read more →
Australian Government Says Its Data Was Stolen in Law Firm Ransomware Attack
The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on...
Read more →