CISOs’ New Stressors Brought on by Digitalization: Report
Whether cloud migration is a cause or effect of digitalization, it is nevertheless a major part of the journey currently being taken by business. Cloud…
Category: SecurityWeek
Kaspersky Dissects Spyware Used in iOS Zero-Click Attacks
Russian anti-malware vendor Kaspersky has analyzed the spyware implant deployed as part of recent zero-click iMessage attack that targeted iOS-powered devices in its corporate network.…
Cooperation or Competition? China’s Security Industry Sees the US, Not AI, as the Bigger Threat
After years of breakneck growth, China’s security and surveillance industry is now focused on shoring up its vulnerabilities to the United States and other outside…
Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites
Web application security firm Defiant warns of critical-severity authentication bypass vulnerabilities in two WordPress plugins with tens of thousands of installations. The first security defect,…
Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued advisories detailing two unpatched vulnerabilities in Enphase products. An American energy technology company, Enphase…
DOJ Launches Cyber Unit to Prosecute Nation-State Threat Actors
The United States Department of Justice (DOJ) has created a new litigating section to increase its ability to disrupt and prosecute nation-state threat actors and…
Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?
Like all major applications, Google’s Chrome suffers from vulnerabilities. During 2022, SecurityWeek reported on 456 vulnerabilities (averaging 38 per month), including nine zero-days. The high…
Biden Discusses Risks and Promises of Artificial Intelligence With Tech Leaders in San Francisco
President Joe Biden convened a group of technology leaders on Tuesday to debate what he called the “risks and enormous promises” of artificial intelligence. The…
VMware Confirms Live Exploits Hitting Just-Patched Security Flaw
Less than two weeks after shipping urgent patches to cover security defects in its Aria Operations for Networks product, VMware says hackers have started launching…
Researchers Flag Account Takeover Flaw in Microsoft Azure AD OAuth Apps
Researchers at security startup Descope have discovered a major misconfiguration in Microsoft Azure AD OAuth applications and warned that any business using ‘Log in with…
Russian APT Group Caught Hacking Roundcube Email Servers
A prolific APT group linked to the Russian government has been caught exploiting security flaws in the open-source Roundcube webmail software to spy on organizations…
Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack
Gen Digital (NASDAQ: GEN), the company behind known cybersecurity brands such as Avast, Avira, AVG, Norton, and LifeLock, has confirmed that employee’s personal information was…