SecurityWeek
Major CPU, Software Vendors Impacted by New GhostRace Attack
CPU makers Intel, AMD, Arm and IBM, as well as software vendors, are impacted by a new speculative race condition (SRC) attack named GhostRace.
The post Major CPU, Software Vendors Impacted by New GhostRace Attack appeared first on SecurityWeek.
Fortinet Patches Critical Vulnerabilities Leading to Code Execution
Fortinet has released patches for critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS.
The post Fortinet Patches Critical Vulnerabilities Leading to Code Execution appeared first on SecurityWeek.
Rockwell Automation Hires Stephen Ford as Chief Information Security Officer
Rockwell Automation hired Stephen Ford as vice VP & CISO, who joins the company from McKesson Corporation, where he was Vice President, Global Security.
The post Rockwell Automation Hires Stephen Ford as Chief Information Security Officer appeared first on SecurityWeek.
US Spearheads First UN Resolution on Artificial Intelligence
The US is spearheading the first United Nations resolution on artificial intelligence, aimed at ensuring the new technology is “safe, secure and trustworthy” and that all countries have equal access.
The post US Spearheads First UN Resolution on Artificial Intelligence appeared first on SecurityWeek.
Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server
Microsoft ships patches for at least 60 security vulnerabilities in the Windows ecosystem and warned of remote code execution risks.
The post Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server appeared first on SecurityWeek.
SAP Patches Critical Command Injection Vulnerabilities
Enterprise software maker SAP documents multiple critical-severity issues and warns of risk of command injection attacks.
The post SAP Patches Critical Command Injection Vulnerabilities appeared first on SecurityWeek.
Adobe Patches Critical Flaws in Enterprise Products
Patch Tuesday: Adobe ships a hefty batch of security updates to fix critical-severity vulnerabilities in multiple enterprise-facing products.
The post Adobe Patches Critical Flaws in Enterprise Products appeared first on SecurityWeek.
Google Paid Out $10 Million via Bug Bounty Programs in 2023
Google paid out $10 million via its bug bounty programs in 2023, bringing the total to nearly $60 million since 2010.
The post Google Paid Out $10 Million via Bug Bounty Programs in 2023 appeared first on SecurityWeek.
ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities
Siemens and Schneider Electric publish March 2024 Patch Tuesday advisories to inform customers about over 200 vulnerabilities.
The post ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities appeared first on SecurityWeek.
J.P. Morgan Growth Leads $39 Million Investment in Eye Security
Eye Security raises $39 million to bring enterprise-level security and cyber insurance products to mid-market businesses.
The post J.P. Morgan Growth Leads $39 Million Investment in Eye Security appeared first on SecurityWeek.
EquiLend Ransomware Attack Leads to Data Breach
EquiLend is informing its employees that their personal information was compromised in a January ransomware attack.
The post EquiLend Ransomware Attack Leads to Data Breach appeared first on SecurityWeek.
CISA’s OT Attack Response Team Understaffed: GAO
GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time.
The post CISA’s OT Attack Response Team Understaffed: GAO appeared first on SecurityWeek.
US, Russia Accuse Each Other of Potential Election Cyberattacks
US and Russia suspect each other of intent to disrupt presidential elections set for this week in Russia and November in the US.
The post US, Russia Accuse Each Other of Potential Election Cyberattacks appeared first on SecurityWeek.
Exploited Building Access System Vulnerability Patched 5 Years After Disclosure
Vulnerabilities affecting a Nice Linear physical access product, including an exploited flaw, patched five years after their disclosure.
The post Exploited Building Access System Vulnerability Patched 5 Years After Disclosure appeared first on SecurityWeek.
Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences
Officials are set to warn that companies and people who deliberately misuse AI technology to advance a white-collar crime like price fixing and market manipulation will be at risk for a harsher sentence
The post Justice Department Beefs up Focus on Artificial Intelligence Enforcement, Warns of Harsher Sentences appeared first on SecurityWeek.
The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks
A group of hackers called Anonymous Sudan, considered by cybersecurity experts as pro-Russia, claimed responsibility for the attacks in online posts.
The post The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks appeared first on SecurityWeek.
Broadcom Merges Symantec and Carbon Black Into New Business Unit
Fresh off its $69 billion acquisition of VMware, Broadcom creates an Enterprise Security Group unit that merges Symantec and Carbon Black.
The post Broadcom Merges Symantec and Carbon Black Into New Business Unit appeared first on SecurityWeek.
Software Reliability Firm Steadybit Raises $6 Million
Steadybit was founded in 2019 and has now raised a total of $13.8 million in funding.
The post Software Reliability Firm Steadybit Raises $6 Million appeared first on SecurityWeek.
Recent TeamCity Vulnerability Exploited in Ransomware Attacks
Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS.
The post Recent TeamCity Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks
A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites.
The post Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks appeared first on SecurityWeek.