FIRST Releases CVSS 4.0 Vuln Scoring Standard
The Forum of Incident Response and Security Teams (FIRST) on Monday pushed out a refresh of its CVSS vulnerability scoring...
Read more →Category: SecurityWeek
Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks
Delegates from 28 nations, including the U.S. and China, agreed Wednesday to work together to contain the potentially “catastrophic” risks...
Read more →
Mozi Botnet Likely Killed by Its Creators
The recent shutdown of the Mozi botnet is believed to be the work of its operators, who may have been...
Read more →
Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges
VMware Carbon Black’s Threat Analysis Unit (TAU) has identified dozens of previously unknown vulnerable kernel drivers that could be exploited...
Read more →
Supply Chain Startup Chainguard Scores $61 Million Series B
Chainguard, a high-flying security startup founded by a team of former Google software engineers, has banked $61 million in new...
Read more →
Iranian Cyber Spies Use ‘LionTail’ Malware in Latest Attacks
An Iranian espionage group has been caught using a new malware framework in a recent spate of cyberattacks, according to...
Read more →
Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway
Thousands of Citrix NetScaler ADC and Gateway instances remain unpatched against a critical vulnerability that is being widely exploited, security...
Read more →
Chrome 119 Patches 15 Vulnerabilities
Google on Tuesday announced the release of Chrome 119 to the stable channel with patches for 15 vulnerabilities, including 13...
Read more →
MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile
MITRE on Tuesday announced the release of version 14 of ATT&CK, the widely used knowledge base of adversary tactics and...
Read more →
DPI: Still Effective for the Modern SOC?
There has been an ongoing debate in the security industry over the last decade or so about whether or not...
Read more →
Malicious NuGet Packages Abuse MSBuild Integrations for Code Execution
As part of an ongoing and coordinated campaign, threat actors have been continuously publishing malicious NuGet packages with hidden code...
Read more →
SIEM and Log Management Provider Graylog Raises $39 Million
Security information and event management (SIEM) and log management provider Graylog on Tuesday announced that it has raised $39 million...
Read more →