US Gov Rolls Out National Cyber Workforce, Education Strategy
The Biden administration on Monday rolled out its first-ever National Cyber Workforce and Education Strategy (NCWES), announcing a series of...
Read more →Category: SecurityWeek
Reddit Taps Fredrick ‘Flee’ Lee for CISO Job
Reddit has upvoted Fredrick Lee into the CISO office. The San Francisco company on Monday announced the hiring of Lee...
Read more →
Apple Lists APIs That Developers Can Only Use for Good Reason
In an effort to boost user privacy by preventing unwanted data collection, Apple is requiring application developers to declare the...
Read more →
Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks
Ivanti has warned customers about a second zero-day vulnerability in its Endpoint Manager Mobile (EPMM) product that has been exploited...
Read more →
CISA Analyzes Malware Used in Barracuda ESG Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) has published analysis reports on three malware families deployed in an attack...
Read more →
US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications
New guidance from the Australian Cyber Security Centre (ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), and National Security...
Read more →
In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...
Read more →
Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins
Threat intelligence company Greynoise says it has observed the first attempts to exploit a recent critical remote code execution (RCE)...
Read more →
Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday
The US Securities and Exchange Commission (SEC) has adopted new cybersecurity incident disclosure rules for public companies, but there is...
Read more →
Zimbra Patches Exploited Zero-Day Vulnerability
Zimbra this week released patches for a cross-site scripting (XSS) vulnerability in Collaboration Suite that has been exploited in malicious...
Read more →
CoinsPaid Blames North Korean Hackers for $37 Million Cryptocurrency Heist
Cryptocurrency payments firm CoinsPaid says North Korean hacking group Lazarus is likely responsible for the theft of approximatively $37 million...
Read more →
Weintek Weincloud Vulnerabilities Allowed Manipulation, Damaging of ICS Devices
Several vulnerabilities discovered by a researcher from industrial cybersecurity firm TXOne Networks in a Weintek product could have been exploited...
Read more →