SecurityWeek
Hacker Leaks Samsung Customer Data
Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials.
The post Hacker Leaks Samsung Customer Data appeared first on SecurityWeek.
Part of EU’s New €1.3 Billion Investment Going to Cybersecurity
The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills.
The post Part of EU’s New €1.3 Billion Investment Going to Cybersecurity appeared first on SecurityWeek.
‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft
The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging.
The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek.
Industry Moves for the week of March 31, 2025 - SecurityWeek
CISA Analyzes Malware Used in Ivanti Zero-Day Attacks
CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.
The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.
170,000 Impacted by Data Breach at Chord Specialty Dental Partners
An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people.
The post 170,000 Impacted by Data Breach at Chord Specialty Dental Partners appeared first on SecurityWeek.
Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware
Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.
The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek.
9-Year-Old NPM Crypto Package Hijacked for Information Theft
Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.
The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.
In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked
Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced.
The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared first on SecurityWeek.
New Issuance Requirements Improve HTTPS Certificate Validation
HTTPS certificate issuance now requires Multi-Perspective Issuance Corroboration and linting to improve validation.
The post New Issuance Requirements Improve HTTPS Certificate Validation appeared first on SecurityWeek.
Morphing Meerkat Phishing Kits Target Over 100 Brands
A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages.
The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first on SecurityWeek.
Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe.
The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on SecurityWeek.
Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia
Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.
The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek.
Splunk Patches Dozens of Vulnerabilities
Splunk patches high-severity remote code execution and information disclosure flaws in Splunk Enterprise and Secure Gateway App.
The post Splunk Patches Dozens of Vulnerabilities appeared first on SecurityWeek.
Russian Espionage Group Using Ransomware in Attacks
Russian-speaking espionage group RedCurl has been deploying ransomware on victims’ networks in a recent campaign.
The post Russian Espionage Group Using Ransomware in Attacks appeared first on SecurityWeek.
UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach
The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack.
The post UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach appeared first on SecurityWeek.
The Importance of Allyship For Women in Cyber
Interview with Taylor Pyle, a Cybersecurity Engineer at Viasat on her experience with both cyber and mentorship.
The post The Importance of Allyship For Women in Cyber appeared first on SecurityWeek.
GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats
GetReal Security has raised $17.5 million in series A funding to combat deepfakes, impersonation, and other AI-generated threats.
The post GetReal Security Raises $17.5 Million to Tackle Gen-AI Threats appeared first on SecurityWeek.
Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations
US defense contractor MORSE Corp has agreed to pay $4.6 million to settle allegations over its cybersecurity failures.
The post Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations appeared first on SecurityWeek.
Ransomware Groups Increasingly Adopting EDR Killer Tools
ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software.
The post Ransomware Groups Increasingly Adopting EDR Killer Tools appeared first on SecurityWeek.