CISA Hires ‘Mudge’ to Work on Security-by-Design Principles
The U.S. government’s cybersecurity agency CISA on Monday confirmed the addition of Peiter ‘Mudge’ Zatko to its roster of prominent...
Read more →Category: SecurityWeek
9 Vulnerabilities Patched in SEL Power System Management Products
Nine vulnerabilities, including potentially serious flaws, were patched recently in a couple of electric power management products made by Schweitzer...
Read more →
MITRE and CISA Release Open Source Tool for OT Attack Emulation
The MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA) today announced a new extension for the open...
Read more →
7 Million Users Possibly Impacted by Freecycle Data Breach
Freecycle.org, a platform that allows users to recycle their belongings, has prompted millions of users to reset their passwords after...
Read more →
Norfolk Southern Says a Software Defect — Not a Hacker — Forced It to Park Its Trains This Week
Norfolk Southern believes a software defect — not a hacker — was the cause of the widespread computer outage that...
Read more →
Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs
Threat actors have started uploading malicious packages to PyPI, NPM, and RubyGems repositories in a new campaign aimed at stealing...
Read more →
Okta Says US Customers Targeted in Sophisticated Attacks
Identity and access management solutions provider Okta warns that multiple customers based in the United States have been targeted in...
Read more →
Cybersecurity M&A Roundup: 40 Deals Announced in August 2023
Forty cybersecurity-related merger and acquisition (M&A) deals were announced in August 2023. The number of transactions has bounced back in...
Read more →
Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data
British mesh fencing systems maker Zaun has disclosed a LockBit ransomware attack that potentially led to the compromise of data...
Read more →
Exploit Code Published for Critical-Severity VMware Security Defect
Just days after shipping a major security update to correct vulnerabilities in its Aria Operations for Networks product line, VMWare...
Read more →
Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer
Multiple threat actors have adopted ‘SapphireStealer’ after the information stealer’s source code was published on GitHub, Cisco’s Talos security researchers...
Read more →
Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy
Elon Musk said Thursday that his social network X, formerly known as Twitter, will give users the ability to make...
Read more →