Russia-Linked RomCom Hackers Targeting NATO Summit Guests
As part of a recently identified cyber operation, a Russia-linked threat actor known as RomCom has been targeting entities supporting Ukraine, including guests at the…
Category: SecurityWeek
Apple Ships Urgent iOS Patch for WebKit Zero-Day
Apple on Monday rolled out an urgent software update to its iOS and iPadOS mobile operating systems and warned that zero-day exploitation has already been…
Exploit Code Published for Remote Root Flaw in VMware Logging Software
Virtualization technology giant VMware on Monday warned that exploit code has been publicly released for a pre-authentication remote code execution flaw in its enterprise-facing VMware…
Europe Signs Off on a New Privacy Pact That Allows People’s Data to Keep Flowing to US
The European Union signed off Monday on a new agreement over the privacy of people’s personal information that gets pinged across the Atlantic, aiming to…
TPG to Acquire Forcepoint’s Government Cybersecurity Business Unit
Private equity giant TPG on Monday announced plans to acquire Forcepoint’s Global Governments and Critical Infrastructure (G2CI) business unit in a deal reportedly valued in…
Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack
Critical infrastructure services provider Ventia over the weekend announced that it has taken some of its systems offline to contain a cyberattack. Ventia provides long-term…
A Cybersecurity Wish List Ahead of NATO Summit
As tomorrow’s NATO Summit in Vilnius, Lithuania approaches, SecurityWeek questions what NATO should do about cybersecurity. The Russia/Ukraine conflict offers an historic opportunity to NATO…
Honeywell Boosting OT Cybersecurity Offering With Acquisition of SCADAfence
Industrial giant Honeywell wants to extend its operational technology (OT) cybersecurity portfolio with the acquisition of Tel Aviv, Israel-based OT and IoT security firm SCADAfence.…
PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability
A recently patched vulnerability in Ubiquiti EdgeRouter and AirCube devices could be exploited to execute arbitrary code, vulnerability reporting firm SSD Secure Disclosure warns. Tracked…
Critical Vulnerability Can Allow Takeover of Mastodon Servers
A critical vulnerability in the decentralized social networking platform Mastodon could be exploited to take over servers. The issue was disclosed last week, when Mastodon…
Security Firm Finds Over 130k Internet-Exposed Photovoltaic Diagnostics Systems
More than 130,000 photovoltaic monitoring and diagnostic solutions are accessible from the public internet, which could make them susceptible to cyberattacks, threat intelligence firm Cyble…
OWASP SwSec 5D Tool Provides SDLC Maturity Ratings, Aids Software Supply Chain
The Open Source Foundation for Application Security (OWASP) announced a five-dimensional secure software development maturity reference framework (SwSec 5D) in May 2023. Its function is…