SecurityWeek

Major CPU, Software Vendors Impacted by New GhostRace Attack

Security Week - Wed, 03/13/2024 - 5:57am

CPU makers Intel, AMD, Arm and IBM, as well as software vendors, are impacted by a new speculative race condition (SRC) attack named GhostRace.

The post Major CPU, Software Vendors Impacted by New GhostRace Attack appeared first on SecurityWeek.

Categories: SecurityWeek

Fortinet Patches Critical Vulnerabilities Leading to Code Execution

Security Week - Wed, 03/13/2024 - 5:42am

Fortinet has released patches for critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS.

The post Fortinet Patches Critical Vulnerabilities Leading to Code Execution appeared first on SecurityWeek.

Categories: SecurityWeek

Rockwell Automation Hires Stephen Ford as Chief Information Security Officer

Security Week - Wed, 03/13/2024 - 5:00am

Rockwell Automation hired Stephen Ford as vice VP & CISO, who joins the company from McKesson Corporation, where he was Vice President, Global Security.

The post Rockwell Automation Hires Stephen Ford as Chief Information Security Officer appeared first on SecurityWeek.

Categories: SecurityWeek

US Spearheads First UN Resolution on Artificial Intelligence

Security Week - Tue, 03/12/2024 - 10:16pm

The US is spearheading the first United Nations resolution on artificial intelligence, aimed at ensuring the new technology is “safe, secure and trustworthy” and that all countries have equal access.

The post US Spearheads First UN Resolution on Artificial Intelligence appeared first on SecurityWeek.

Categories: SecurityWeek

Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server 

Security Week - Tue, 03/12/2024 - 2:20pm

Microsoft ships patches for at least 60 security vulnerabilities in the Windows ecosystem and warned of remote code execution risks.

The post Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server  appeared first on SecurityWeek.

Categories: SecurityWeek

SAP Patches Critical Command Injection Vulnerabilities

Security Week - Tue, 03/12/2024 - 1:26pm

Enterprise software maker SAP documents multiple critical-severity issues and warns of risk of command injection attacks.

The post SAP Patches Critical Command Injection Vulnerabilities appeared first on SecurityWeek.

Categories: SecurityWeek

Adobe Patches Critical Flaws in Enterprise Products

Security Week - Tue, 03/12/2024 - 1:14pm

Patch Tuesday: Adobe ships a hefty batch of security updates to fix critical-severity vulnerabilities in multiple enterprise-facing products.

The post Adobe Patches Critical Flaws in Enterprise Products appeared first on SecurityWeek.

Categories: SecurityWeek

Google Paid Out $10 Million via Bug Bounty Programs in 2023

Security Week - Tue, 03/12/2024 - 12:01pm

Google paid out $10 million via its bug bounty programs in 2023, bringing the total to nearly $60 million since 2010.

The post Google Paid Out $10 Million via Bug Bounty Programs in 2023 appeared first on SecurityWeek.

Categories: SecurityWeek

ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities 

Security Week - Tue, 03/12/2024 - 11:22am

Siemens and Schneider Electric publish March 2024 Patch Tuesday advisories to inform customers about over 200 vulnerabilities.

The post ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities  appeared first on SecurityWeek.

Categories: SecurityWeek

J.P. Morgan Growth Leads $39 Million Investment in Eye Security

Security Week - Tue, 03/12/2024 - 9:53am

Eye Security raises $39 million to bring enterprise-level security and cyber insurance products to mid-market businesses.

The post J.P. Morgan Growth Leads $39 Million Investment in Eye Security appeared first on SecurityWeek.

Categories: SecurityWeek

EquiLend Ransomware Attack Leads to Data Breach 

Security Week - Tue, 03/12/2024 - 9:15am

EquiLend is informing its employees that their personal information was compromised in a January ransomware attack.

The post EquiLend Ransomware Attack Leads to Data Breach  appeared first on SecurityWeek.

Categories: SecurityWeek

CISA’s OT Attack Response Team Understaffed: GAO

Security Week - Tue, 03/12/2024 - 8:47am

GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time.

The post CISA’s OT Attack Response Team Understaffed: GAO appeared first on SecurityWeek.

Categories: SecurityWeek

US, Russia Accuse Each Other of Potential Election Cyberattacks

Security Week - Tue, 03/12/2024 - 8:26am

US and Russia suspect each other of intent to disrupt presidential elections set for this week in Russia and November in the US.

The post US, Russia Accuse Each Other of Potential Election Cyberattacks appeared first on SecurityWeek.

Categories: SecurityWeek

Exploited Building Access System Vulnerability Patched 5 Years After Disclosure

Security Week - Tue, 03/12/2024 - 6:15am

Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure.

The post Exploited Building Access System Vulnerability Patched 5 Years After Disclosure appeared first on SecurityWeek.

Categories: SecurityWeek

Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences

Security Week - Tue, 03/12/2024 - 5:18am

Officials are set to warn that companies and people who deliberately misuse AI technology to advance a white-collar crime like price fixing and market manipulation will be at risk for a harsher sentence

The post Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences appeared first on SecurityWeek.

Categories: SecurityWeek

The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks

Security Week - Mon, 03/11/2024 - 9:27pm

A group of hackers called Anonymous Sudan, considered by cybersecurity experts as pro-Russia, claimed responsibility for the attacks in online posts.

The post The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks appeared first on SecurityWeek.

Categories: SecurityWeek

Broadcom Merges Symantec and Carbon Black Into New Business Unit

Security Week - Mon, 03/11/2024 - 1:37pm

Fresh off its $69 billion acquisition of VMware, Broadcom creates an Enterprise Security Group unit that merges Symantec and Carbon Black.

The post Broadcom Merges Symantec and Carbon Black Into New Business Unit appeared first on SecurityWeek.

Categories: SecurityWeek

Software Reliability Firm Steadybit Raises $6 Million

Security Week - Mon, 03/11/2024 - 12:18pm

Steadybit was founded in 2019 and has now raised a total of $13.8 million in funding.

The post Software Reliability Firm Steadybit Raises $6 Million appeared first on SecurityWeek.

Categories: SecurityWeek

Recent TeamCity Vulnerability Exploited in Ransomware Attacks

Security Week - Mon, 03/11/2024 - 11:29am

Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS.

The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.

Categories: SecurityWeek

Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks

Security Week - Mon, 03/11/2024 - 10:09am

A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites.

The post Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks appeared first on SecurityWeek.

Categories: SecurityWeek

Pages