DHS Launches New Critical Infrastructure Security and Resilience Campaign
The DHS and two of its agencies, CISA and FEMA, on Tuesday announced the launch of a new campaign whose goal is to help critical…
Category: SecurityWeek
Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point
Offensive security as a category has blown past its tipping point, to where it’s in danger of becoming one of those overused terms that means…
Sumo Logic Urges Users to Change Credentials Due to Security Breach
Cloud monitoring, log management, and SIEM tools provider Sumo Logic is urging customers to change credentials following the discovery of a security breach. The company…
FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups
The FBI has released a fresh warning on ransomware operators compromising third-party vendors and services to abuse them for initial access to victim environments. Threat…
Marina Bay Sands Discloses Data Breach Impacting 665k Customers
Singapore’s Marina Bay Sands luxury resort revealed on Tuesday that 665,000 of its customers are impacted by a recent data breach. The incident affects Marina…
Dropper Service Bypassing Android Security Restrictions to Install Malware
A recently identified dropper-as-a-service (DaaS) uses a novel technique to bypass Android’s security restrictions for payload delivery, online fraud detection firm ThreatFabric reports. Dubbed ‘SecuriDropper’,…
Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
Foreign threat actors can easily obtain sensitive information on US military members from data brokers, according to a new Duke University study whose results were…
Critical Vulnerabilities Expose Veeam ONE Software to Code Execution
Veeam Software has rolled out patches for four severe security vulnerabilities that expose users of its Veeam ONE product to remote code execution attacks The…
Federal Push for Secure-by-Design: What It Means for Developers
Secure-by-design as a requirement is coming. Developers should start preparing for it now. The March 2023 National Cybersecurity Strategy (NCS) includes, “In setting cybersecurity regulations…
Free Tool Helps Industrial Organizations Find OPC UA Vulnerabilities
A free tool helps industrial organizations find OPC UA (Open Platform Communications United Architecture) misconfigurations and vulnerabilities that could expose them to cyberattacks. OPC UA…
New MacOS Malware Linked to North Korean Hackers
A new macOS malware probably used by North Korean hackers to target crypto exchanges has been found by security firm Jamf. The group behind the…
Myrror Security Emerges From Stealth Mode With $6 Million in Funding
Israeli application security startup Myrror Security today emerged from stealth mode with $6 million in funding from Blumberg Capital and Entrée Capital. Founded in 2022…