Security Week

Subscribe to Security Week feed Security Week
Cybersecurity News, Insights & Analysis
Updated: 16 min 35 sec ago

Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs

Tue, 04/01/2025 - 3:15pm

An undocumented remote access backdoor in the Unitree Go1 Robot Dog allows remote control over the tunnel network and use of the vision cameras to see through their eyes.

The post Hackers Could Unleash Chaos Through Backdoor in China-Made Robot Dogs appeared first on SecurityWeek.

Categories: SecurityWeek

Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals

Tue, 04/01/2025 - 11:33am

GreyNoise warns of a coordinated effort probing the internet for potentially vulnerable Palo Alto Networks GlobalProtect instances.

The post Hackers Looking for Vulnerable Palo Alto Networks GlobalProtect Portals appeared first on SecurityWeek.

Categories: SecurityWeek

Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation

Tue, 04/01/2025 - 8:44am

ReliaQuest has announced a new growth funding round that brings the total raised by the firm to over $830 million.

The post Security Operations Firm ReliaQuest Raises $500M at $3.4B Valuation appeared first on SecurityWeek.

Categories: SecurityWeek

Ransomware Group Takes Credit for National Presto Industries Attack

Tue, 04/01/2025 - 8:10am

A ransomware group has claimed responsibility for a March cyberattack on National Presto Industries subsidiary National Defense Corporation.

The post Ransomware Group Takes Credit for National Presto Industries Attack appeared first on SecurityWeek.

Categories: SecurityWeek

Critical Vulnerability Found in Canon Printer Drivers

Tue, 04/01/2025 - 7:50am

Microsoft’s offensive security team warned Canon about a critical code execution vulnerability in printer drivers. 

The post Critical Vulnerability Found in Canon Printer Drivers appeared first on SecurityWeek.

Categories: SecurityWeek

CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability

Tue, 04/01/2025 - 7:15am

Shadowserver has started seeing exploitation attempts aimed at a CrushFTP vulnerability tracked as CVE-2025-2825 and CVE-2025-31161.

The post CrushFTP Blames Security Firms for Fast Exploitation of Vulnerability appeared first on SecurityWeek.

Categories: SecurityWeek

Check Point Responds to Hacking Claims

Tue, 04/01/2025 - 6:50am

Check Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact.

The post Check Point Responds to Hacking Claims appeared first on SecurityWeek.

Categories: SecurityWeek

Apple Patches Recent Zero-Days in Older iPhones

Tue, 04/01/2025 - 6:30am

Apple has released a hefty round of security updates for its desktop and mobile products, patching two recent zero-days in older iPhone models.

The post Apple Patches Recent Zero-Days in Older iPhones appeared first on SecurityWeek.

Categories: SecurityWeek

France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency

Tue, 04/01/2025 - 6:05am

France’s antitrust watchdog fined Apple 150 million euros ($162 million) over a privacy feature protecting users from apps snooping on them.

The post France’s Antitrust Watchdog Fines Apple for Problems With App Tracking Transparency appeared first on SecurityWeek.

Categories: SecurityWeek

Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory

Mon, 03/31/2025 - 11:05am

Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks.

The post Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory appeared first on SecurityWeek.

Categories: SecurityWeek

Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program

Mon, 03/31/2025 - 10:19am

A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost.

The post Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program appeared first on SecurityWeek.

Categories: SecurityWeek

Hacker Leaks Samsung Customer Data

Mon, 03/31/2025 - 8:33am

Hacker leaks 270,000 customer tickets allegedly stolen from Samsung Germany using long-compromised credentials.

The post Hacker Leaks Samsung Customer Data appeared first on SecurityWeek.

Categories: SecurityWeek

Part of EU’s New €1.3 Billion Investment Going to Cybersecurity

Mon, 03/31/2025 - 7:42am

The European Commission plans on investing €1.3 billion ($1.4 billion) in cybersecurity, artificial intelligence and digital skills. 

The post Part of EU’s New €1.3 Billion Investment Going to Cybersecurity appeared first on SecurityWeek.

Categories: SecurityWeek

‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft

Mon, 03/31/2025 - 6:53am

The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging.

The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek.

Categories: SecurityWeek

Industry Moves for the week of March 31, 2025 - SecurityWeek

Mon, 03/31/2025 - 6:31am
Explore industry moves and significant changes in the industry for the week of March 31, 2025. Stay updated with the latest industry trends and shifts.
Categories: SecurityWeek

CISA Analyzes Malware Used in Ivanti Zero-Day Attacks

Mon, 03/31/2025 - 6:29am

CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day.

The post CISA Analyzes Malware Used in Ivanti Zero-Day Attacks appeared first on SecurityWeek.

Categories: SecurityWeek

170,000 Impacted by Data Breach at Chord Specialty Dental Partners

Mon, 03/31/2025 - 6:10am

An email security incident at Chord Specialty Dental Partners, a US dental service organization, has impacted more than 170,000 people. 

The post 170,000 Impacted by Data Breach at Chord Specialty Dental Partners appeared first on SecurityWeek.

Categories: SecurityWeek

Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware

Fri, 03/28/2025 - 8:36am

Analysis found that 99% of healthcare organizations are vulnerable to publicly available exploits.

The post Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware appeared first on SecurityWeek.

Categories: SecurityWeek

9-Year-Old NPM Crypto Package Hijacked for Information Theft

Fri, 03/28/2025 - 8:30am

Nearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers.

The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek.

Categories: SecurityWeek

In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked

Fri, 03/28/2025 - 8:00am

Noteworthy stories that might have slipped under the radar: Key members of Hellcat ransomware group identified, controversy around CrushFTP flaw CVE, NYU website hacked and defaced.

The post In Other News: Hellcat Hackers Unmasked, CrushFTP Bug Controversy, NYU Hacked appeared first on SecurityWeek.

Categories: SecurityWeek

Pages