CISA Unveils Cybersecurity Strategic Plan for Next 3 Years
The US Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its Cybersecurity Strategic Plan for the next three years, focusing on three main goals and…
Category: SecurityWeek
Colorado Department of Higher Education Discloses Ransomware Attack, Data Breach
The Colorado Department of Higher Education (CDHE) has been targeted in a ransomware attack that resulted in a data breach impacting many students and teachers.…
A Cyberattack Has Disrupted Hospitals and Health Care in Five States
A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted, and many primary care…
In Other News: Cybersecurity Funding Rebounds, Cloud Threats, BeyondTrust Vulnerability
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft
Threat actors have been observed abusing an open source tool named Cloudflared to maintain persistent access to compromised systems and to steal information without being…
New York Couple Plead Guilty to Bitcoin Laundering
A married couple from New York dubbed “Bitcoin Bonnie and Crypto Clyde” pleaded guilty on Thursday to laundering billions of dollars in stolen bitcoin, prosecutors…
Microsoft Criticized Over Handling of Critical Power Platform Vulnerability
A critical Microsoft Power Platform vulnerability exposed organizations’ authentication data and other secrets, but the tech giant has been accused of handling it poorly. In…
Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking
Multiple vulnerabilities in the popular airline and hotel rewards platform points.com could have allowed attackers to access users’ personal information, security researchers warn. Acting as…
Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed
Exploitation of the recently disclosed Ivanti Endpoint Manager Mobile (EPMM) vulnerability has started to pick up, just as the vendor announced the discovery of a…
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
Government agencies in Australia, Canada, New Zealand, the UK, and the US have published a list of the software vulnerabilities that were most frequently exploited…
CISA Calls Urgent Attention to UEFI Attack Surfaces
The US government’s cybersecurity agency CISA is calling attention to under-researched attack surfaces in UEFI, warning that the dominant firmware standard presents a juicy target…
670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis
The US Cybersecurity and Infrastructure Security Agency (CISA) disclosed 670 vulnerabilities affecting industrial control systems (ICS) and other operational technology (OT) products in the first…