Category: SecurityWeek

Patch Tuesday: Critical Flaws in Adobe Commerce Software
25
Sep
2023

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server could be exploited remotely, without authentication, to execute arbitrary code and gain…

Patch Tuesday: Critical Flaws in Adobe Commerce Software
24
Sep
2023

Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

A leading Egyptian opposition politician was targeted with spyware after announcing a presidential bid, security researchers reported Friday. They said…

Cybersecurity news roundup
22
Sep
2023

In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under…

Patch Tuesday: Critical Flaws in Adobe Commerce Software
22
Sep
2023

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

The Known Exploited Vulnerabilities (KEV) Catalog maintained by the US cybersecurity agency CISA has led to significant improvements in federal…

China
22
Sep
2023

China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Chinese state-sponsored threat groups have targeted telecommunications, financial and government organizations in Africa in support of Beijing’s soft power agenda…

Patch Tuesday: Critical Flaws in Adobe Commerce Software
22
Sep
2023

Air Canada Says Employee Information Accessed in Cyberattack

Air Canada, the largest airline in the country, this week announced that the personal information of some employees was accessed…

Patch Tuesday: Critical Flaws in Adobe Commerce Software
22
Sep
2023

BIND Updates Patch Two High-Severity DoS Vulnerabilities

The Internet Systems Consortium (ISC) has released security updates to address two remotely exploitable denial-of-service (DoS) vulnerabilities in the DNS…

SANS Survey Shows Drop in 2023 ICS/OT Security Budgets
22
Sep
2023

SANS Survey Shows Drop in 2023 ICS/OT Security Budgets

A survey conducted by the SANS Institute shows that the budgets allocated by organizations for the security of industrial control…

New iOS exploit blamed on US intelligence
22
Sep
2023

Apple Patches 3 Zero-Days Likely Exploited by Spyware Vendor to Hack iPhones

Apple announced on Thursday that its latest operating system updates patch three new zero-day vulnerabilities. Based on the previous work…

Sandman APT
21
Sep
2023

New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware

A new and mysterious APT group has been spotted targeting telco service providers in Europe and Asia as part of…

Car vulnerability analysis
21
Sep
2023

Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade

Research-focused security services provider IOActive has conducted an analysis of car vulnerability trends over the past decade and determined that…

Patch Tuesday: Critical Flaws in Adobe Commerce Software
21
Sep
2023

Navigating the Digital Frontier in Cybersecurity Awareness Month 2023

This October will mark the 20th anniversary of Cybersecurity Awareness Month, a pivotal initiative launched under the guidance of the…