Top 10 API Security Threats for Q3 2023
The two primary takeaways from a new Q3 ‘API Threatstats’ report are: firstly, the number of API vulnerabilities is growing rapidly; and secondly, because of…
Category: SecurityWeek
ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
Siemens and Schneider Electric’s Patch Tuesday advisories for November 2023 address roughly 90 vulnerabilities affecting their products. Siemens Siemens has released 14 new advisories to…
Radiant Snags $15 Million for AI-Powered SOC Technology
Radiant Security, a San Francisco startup with ambitious plans to modernize SOC (security operations center) technology with AI co-pilots, has attracted $15 million in new…
MySQL Servers, Docker Hosts Infected With DDoS Malware
Attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed denial-of-service (DDoS) attacks, according to a warning from researchers at…
Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide
The Royal ransomware gang has targeted at least 350 organizations worldwide, with their ransom demands exceeding $275 million, and the cybercriminals may be preparing to…
Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads
Google announced on Monday that it’s taking legal action against cybercriminals who delivered malware through websites that told users they could download Bard, the tech…
Hacker Conversations: Chris Wysopal, AKA Weld Pond
Chris Wysopal is the founder and CTO of Veracode, a firm focused on ensuring the development of secure code. Two decades ago, he was better…
Webinar Today: Using Governance and Privilege to Gain Control Over Third-Party Access
Live Webinar: Tuesday, November 14, 2023 at 1PM ET | Register It’s been said “you cannot control the outcome, but you can control the process.”…
PyPI Packages Found to Expose Thousands of Secrets
An analysis of the Python code committed to PyPI packages has revealed the presence of thousands of hardcoded credentials, code security firm GitGuardian warns. Working…
22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure
Hackers compromised 22 energy organizations in a coordinated attack against Denmark’s critical infrastructure, non-profit cybersecurity center for critical sectors SektorCERT reveals. As part of the…
Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
Dragos says it has found no evidence of a data breach after a known ransomware group claimed to have hacked the industrial cybersecurity company’s systems…
Ransomware Group RansomedVC Closes Shop
The ransomware and data extortion group RansomedVC announced plans to shut down the project and sell parts of its infrastructure. RansomedVC has only been around…