SecurityWeek

Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities

Security Week - 3 hours 29 min ago

Using the Security Copilot tool, Microsoft discovered 20 critical vulnerabilities in widely deployed open-source bootloaders.

The post Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities appeared first on SecurityWeek.

Categories: SecurityWeek

Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs

Security Week - 5 hours 52 min ago

An undocumented remote access backdoor in the Unitree Go1 Robot Dog allows remote control over the tunnel network and use of the vision cameras to see through their eyes.

The post Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs appeared first on SecurityWeek.

Categories: SecurityWeek

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals

Security Week - 9 hours 35 min ago

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.

The post Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals appeared first on SecurityWeek.

Categories: SecurityWeek

Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation

Security Week - 12 hours 23 min ago

ReliaQuest has announced a new growth funding round that brings the total raised by the firm to over $830 million.

The post Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation appeared first on SecurityWeek.

Categories: SecurityWeek

Ransomware Group Takes Credit for National Presto Industries Attack

Security Week - 12 hours 57 min ago

A ransomware group has claimed responsibility for a March cyberattack on National Presto Industries subsidiary National Defense Corporation.

The post Ransomware Group Takes Credit for National Presto Industries Attack appeared first on SecurityWeek.

Categories: SecurityWeek

Critical Vulnerability Found in Canon Printer Drivers

Security Week - 13 hours 18 min ago

Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. 

The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek.

Categories: SecurityWeek

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

Security Week - 13 hours 53 min ago

Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161.

The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek.

Categories: SecurityWeek

Check Point Responds to Hacking Claims

Security Week - 14 hours 18 min ago

Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact.

The post Check Point Responds to Hacking Claims appeared first on SecurityWeek.

Categories: SecurityWeek

Apple Patches Recent Zero-Days in Older iPhones

Security Week - 14 hours 38 min ago

Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models.

The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek.

Categories: SecurityWeek

France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency

Security Week - 15 hours 3 min ago

France’s antitrust watchdog fined Apple 150 million euros ($162 million) over a privacy feature protecting users from apps snooping on them.

The post France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency appeared first on SecurityWeek.

Categories: SecurityWeek

Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory

Security Week - Mon, 03/31/2025 - 11:05am

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks.

The post Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory appeared first on SecurityWeek.

Categories: SecurityWeek

Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program

Security Week - Mon, 03/31/2025 - 10:19am

A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost.

The post Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program appeared first on SecurityWeek.

Categories: SecurityWeek

Hacker Leaks Samsung Customer Data

Security Week - Mon, 03/31/2025 - 8:33am

Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials.

The post Hacker Leaks Samsung Customer Data appeared first on SecurityWeek.

Categories: SecurityWeek

Part of EU’s New €1.3 Billion Investment Going to Cybersecurity

Security Week - Mon, 03/31/2025 - 7:42am

The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills. 

The post Part of EU’s New €1.3 Billion Investment Going to Cybersecurity appeared first on SecurityWeek.

Categories: SecurityWeek

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

Security Week - Mon, 03/31/2025 - 6:53am

The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging.

The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek.

Categories: SecurityWeek

Industry Moves for the week of March 31, 2025 - SecurityWeek

Security Week - Mon, 03/31/2025 - 6:31am
Explore industry moves and significant changes in the industry for the week of March 31, 2025. Stay updated with the latest industry trends and shifts.
Categories: SecurityWeek

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

Security Week - Mon, 03/31/2025 - 6:29am

CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.

The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.

Categories: SecurityWeek

170,000 Impacted by Data Breach at Chord Specialty Dental Partners

Security Week - Mon, 03/31/2025 - 6:10am

An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people. 

The post 170,000 Impacted by Data Breach at Chord Specialty Dental Partners appeared first on SecurityWeek.

Categories: SecurityWeek

Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware

Security Week - Fri, 03/28/2025 - 8:36am

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.

The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek.

Categories: SecurityWeek

9-Year-Old NPM Crypto Package Hijacked for Information Theft

Security Week - Fri, 03/28/2025 - 8:30am

Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.

The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.

Categories: SecurityWeek

Pages