www.securityweek.com
Open in
urlscan Pro
2606:4700:20::6818:a003
Public Scan
URL:
https://www.securityweek.com/
Submission: On May 15 via api from IE — Scanned from DE
Submission: On May 15 via api from IE — Scanned from DE
Form analysis 3 forms found in the DOM
GET https://www.securityweek.com/
<form method="get" id="zox-search-form" action="https://www.securityweek.com/">
<input type="text" name="s" id="zox-search-input" value="Search" onfocus="if (!window.__cfRLUnblockHandlers) return false; if (this.value == "Search") { this.value = ""; }"
onblur="if (!window.__cfRLUnblockHandlers) return false; if (this.value == "Search") { this.value = ""; }">
<input type="submit" id="zox-search-submit" value="Search">
</form>Name: ccoptin — POST https://visitor.constantcontact.com/d.jsp
<form class="sw-newsletter-cc" style="" method="post" target="_blank" action="https://visitor.constantcontact.com/d.jsp" name="ccoptin">
<input type="hidden" value="1102592012458" name="m">
<input type="hidden" value="oi" name="p">
<div class="form-item">
<input type="text" class="form-text required" value="" placeholder="Business Email Address..." size="60" name="ea" maxlength="128">
<input type="submit" class="submit" value="Subscribe" name="go">
</div>
</form>Name: ccoptin — POST https://visitor.constantcontact.com/d.jsp
<form class="sw-newsletter-cc" style="" method="post" target="_blank" action="https://visitor.constantcontact.com/d.jsp" name="ccoptin">
<input type="hidden" value="1102592012458" name="m">
<input type="hidden" value="oi" name="p">
<div class="form-item">
<input type="text" class="form-text required" value="" placeholder="Business Email Address..." size="60" name="ea" maxlength="128">
<input type="submit" class="submit" value="Subscribe" name="go">
</div>
</form>Text Content
SECURITYWEEK NETWORK: * Cybersecurity News * Webcasts * Virtual Events ICS: * ICS Cybersecurity Conference * Malware & Threats * Cyberwarfare * Cybercrime * Data Breaches * Fraud & Identity Theft * Nation-State * Ransomware * Vulnerabilities * Security Operations * Threat Intelligence * Incident Response * Tracking & Law Enforcement * Security Architecture * Application Security * Cloud Security * Endpoint Security * Identity & Access * IoT Security * Mobile & Wireless * Network Security * Risk Management * Cyber Insurance * Data Protection * Privacy & Compliance * Supply Chain Security * CISO Strategy * Cyber Insurance * CISO Conversations * CISO Forum * ICS/OT * Industrial Cybersecurity * ICS Cybersecurity Conference * Funding/M&A * Cybersecurity Funding * M&A Tracker * Cybersecurity News * Webcasts * Virtual Events * ICS Cybersecurity Conference Connect with us * * * Hi, what are you looking for? SECURITYWEEK * Malware & Threats * Cyberwarfare * Cybercrime * Data Breaches * Fraud & Identity Theft * Nation-State * Ransomware * Vulnerabilities * Security Operations * Threat Intelligence * Incident Response * Tracking & Law Enforcement * Security Architecture * Application Security * Cloud Security * Endpoint Security * Identity & Access * IoT Security * Mobile & Wireless * Network Security * Risk Management * Cyber Insurance * Data Protection * Privacy & Compliance * Supply Chain Security * CISO Strategy * Cyber Insurance * CISO Conversations * CISO Forum * ICS/OT * Industrial Cybersecurity * ICS Cybersecurity Conference * Funding/M&A * Cybersecurity Funding * M&A Tracker LATEST CYBERSECURITY NEWS SENATORS URGE $32 BILLION IN EMERGENCY SPENDING ON AI AFTER FINISHING YEARLONG REVIEW The group recommends that Congress draft emergency spending legislation to boost U.S. investments in artificial intelligence, including new R&D and testing standards to understand the technology’s potential harms. ICS PATCH TUESDAY: ADVISORIES PUBLISHED BY SIEMENS, ROCKWELL, MITSUBISHI ELECTRIC Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. VERMONT LEGISLATURE PASSES ONE OF THE STRONGEST DATA PRIVACY MEASURES IN THE COUNTRY Vermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information. MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. ADOBE PATCHES CRITICAL FLAWS IN READER, ACROBAT Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software. SAP PATCHES CRITICAL VULNERABILITIES IN CX COMMERCE, NETWEAVER SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day. VMWARE PATCHES VULNERABILITIES EXPLOITED AT PWN2OWN 2024 VMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition. HACKER CONVERSATIONS: RON REITER, AND THE MAKING OF A PROFESSIONAL HACKER Ron Reiter was a childhood hacker in Israel. He was recruited into the IDF’s elite Unit 8200 for his military service. Now he is CTO and co-founder of cybersecurity firm Sentra. ATTACKERS USE DNS TUNNELING TO TRACK VICTIM ACTIVITY, SCAN NETWORKS Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures. GOOGLE PATCHES SECOND CHROME ZERO-DAY IN ONE WEEK Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week. STUDENT, PERSONNEL INFORMATION STOLEN IN CITY OF HELSINKI CYBERATTACK The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack. PEOPLE ON THE MOVE PR and marketing firm FleishmanHillard named Scott Radcliffe as the agency’s global director of cybersecurity. Portnox, a provider of zero trust access control solutions, announced that Joseph Rodriguez has joined the company as Chief Revenue Officer. Cybersecurity awareness training firm NINJIO has appointed Jon Dion as its Chief Revenue Officer. IAM firm Device Authority has announced the appointment of Richard Seward as its VP of Product Management. Cohesity has hired former DoD Chief Digital and Artificial Intelligence Officer (CDAO) Dr. Craig Martell as Chief Technology Officer. More People On The Move MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. ZSCALER CONFIRMS ONLY ISOLATED TEST SERVER WAS HACKED Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised. NATO DRAWS A CYBER RED LINE IN TENSIONS WITH RUSSIA Weakening liberal democracies and weakening the NATO alliance are conjoined in the hybrid war that Russia is conducting against Ukraine. TOP CYBERSECURITY HEADLINES SENATORS URGE $32 BILLION IN EMERGENCY SPENDING ON AI AFTER FINISHING YEARLONG REVIEW The group recommends that Congress draft emergency spending legislation to boost U.S. investments in artificial intelligence, including new R&D and testing standards to understand… ICS PATCH TUESDAY: ADVISORIES PUBLISHED BY SIEMENS, ROCKWELL, MITSUBISHI ELECTRIC Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. VERMONT LEGISLATURE PASSES ONE OF THE STRONGEST DATA PRIVACY MEASURES IN THE COUNTRY Vermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information. MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. SECURITYWEEK INDUSTRY EXPERTS SHIELDS UP: HOW TO MINIMIZE RANSOMWARE EXPOSURE Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response. Torsten George Read more FROM WARNINGS TO ACTION: PREPARING AMERICA’S INFRASTRUCTURE FOR IMMINENT CYBER THREATS As cyber threats grow more sophisticated, America cannot afford complacency. The time for decisive action and enhanced cyber resilience is now. Danelle Au Read more BUILDING THE RIGHT VENDOR ECOSYSTEM – A GUIDE TO MAKING THE MOST OF RSA CONFERENCE As you look to navigate RSA Conference, with so many vendors, approaches and solutions, how do you know what solutions you should be investing in? Marc Solomon Read more WHY USING MICROSOFT COPILOT COULD AMPLIFY EXISTING DATA QUALITY AND PRIVACY ISSUES Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls. Alastair Paterson Read more BEYOND THE BUZZ: RETHINKING ALCOHOL AS A CYBERSECURITY BONDING RITUAL Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity. Jennifer Leggio Read more More Expert Insights TRENDING MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES APPLE PATCH DAY: CODE EXECUTION FLAWS IN IPHONES, IPADS, MACOS NATO DRAWS A CYBER RED LINE IN TENSIONS WITH RUSSIA EXPLOITED CHROME ZERO-DAY PATCHED BY GOOGLE $2.5 MILLION OFFERED AT UPCOMING ‘MATRIX CUP’ CHINESE HACKING CONTEST BLACK BASTA RANSOMWARE HIT OVER 500 ORGANIZATIONS EUROPOL INVESTIGATING BREACH AFTER HACKER OFFERS TO SELL CLASSIFIED DATA HEALTHCARE GIANT ASCENSION HACKED, HOSPITALS DIVERTING EMERGENCY SERVICE DAILY BRIEFING NEWSLETTER Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. * Facebook * Twitter * LinkedIn * RSS Feed WEBINAR: CIEM CHAT: HOW TO REDUCE CLOUD IDENTITY RISK March 26, 2024 Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities. Register VIRTUAL EVENT: RANSOMWARE RESILIENCE & RECOVERY SUMMIT April 17, 2024 SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident. Register * CYBERSECURITY M&A ROUNDUP: 33 DEALS ANNOUNCED IN APRIL 2024 * DARKTRACE TO BE TAKEN PRIVATE IN $5.3 BILLION SALE TO THOMA BRAVO * KNOWBE4 PLANS TO ACQUIRE EGRESS FOR EMAIL SECURITY TECH * ARMIS ACQUIRES SILK SECURITY FOR $150 MILLION * WIZ ACQUIRES GEM SECURITY, PUSHES SECURITY TOOLS CONSOLIDATION * SECURITYWEEK CYBER INSIGHTS 2024 SERIES * CYBER INSIGHTS 2024: A DIRE YEAR FOR CISOS? * CYBER INSIGHTS 2024: OT, ICS AND IIOT * CYBER INSIGHTS 2024: APIS – A CLEAR, PRESENT, AND FUTURE DANGER * CYBER INSIGHTS 2024: QUANTUM AND THE CRYPTOPOCALYPSE * CYBER INSIGHTS 2024: ARTIFICIAL INTELLIGENCE * HACKER CONVERSATIONS: RON REITER, AND THE MAKING OF A PROFESSIONAL HACKER * HACKER CONVERSATIONS: KEVIN O’CONNOR, FROM CHILDHOOD HACKER TO NSA OPERATIVE * HACKER CONVERSATIONS: STEPHANIE ‘SNOW’ CARRUTHERS, CHIEF PEOPLE HACKER AT IBM X-FORCE RED * HACKER CONVERSATIONS: ROB DYKE ON LEGAL BULLYING OF GOOD FAITH RESEARCHERS * HACKER CONVERSATIONS: HD MOORE AND THE LINE BETWEEN BLACK AND WHITE * CISO CONVERSATIONS: LINKEDIN’S GEOFF BELKNAP AND META’S GUY ROSEN * CISO CONVERSATIONS: NICK MCKENZIE (BUGCROWD) AND CHRIS EVANS (HACKERONE) * SECURITYWEEK CYBER INSIGHTS 2024 SERIES * CYBER INSIGHTS 2024: A DIRE YEAR FOR CISOS? * CISO CONVERSATIONS: THE LEGAL SECTOR WITH ALYSSA MILLER AT EPIQ AND MARK WALMSLEY AT FRESHFIELDS UPCOMING CYBERSECURITY EVENTS The AI Risk Summit brings together security and risk management executives, AI researchers, policy makers, software developers and influential business and government stakeholders. [June 25-26, Ritz-Carlton, Half Moon Bay, CA] Learn More SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident. Learn More Designed for senior level cybersecurity leaders to discuss, share and learn innovative information security and risk management strategies, SecurityWeek’s CISO Forum, will take place June 25-26 at the Ritz-Carlton, Half Moon Bay, CA Learn More SecurityWeek’s Threat Detection and Incident Response (TDIR) Summit dives into Threat hunting tools and frameworks, and explores the value of threat intelligence data in the defender’s security stack. Learn More VULNERABILITIES * MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. (May 14, 2024) * ADOBE PATCHES CRITICAL FLAWS IN READER, ACROBAT Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software. (May 14, 2024) * SAP PATCHES CRITICAL VULNERABILITIES IN CX COMMERCE, NETWEAVER SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day. (May 14, 2024) * VMWARE PATCHES VULNERABILITIES EXPLOITED AT PWN2OWN 2024 VMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition. (May 14, 2024) CYBERCRIME * CRIMINAL USE OF AI GROWING, BUT LAGS BEHIND DEFENDERS When not scamming other criminals, criminals are concentrating on the use of mainstream AI products rather than developing their own AI systems. (May 9, 2024) * ZSCALER INVESTIGATES HACKING CLAIMS AFTER DATA OFFERED FOR SALE Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access. (May 9, 2024) * GERMANY RECALLS ITS AMBASSADOR IN RUSSIA FOR A WEEK IN PROTEST OVER A HACKER ATTACK Germany recalled its ambassador to Russia for a week of consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scholz’s party. (May 7, 2024) * FRENCH CYBERWARRIORS READY TO TEST THEIR DEFENSE AGAINST HACKERS AND MALWARE DURING THE OLYMPICS Vincent Strubel, who heads France’s national cybersecurity agency, called the cyberthreats level facing the Olympic Games unprecedented. (May 4, 2024) SENATORS URGE $32 BILLION IN EMERGENCY SPENDING ON AI AFTER FINISHING YEARLONG REVIEW The group recommends that Congress draft emergency spending legislation to boost U.S. investments in artificial intelligence, including new R&D and testing standards to understand the technology's potential harms. May 15, 2024 ICS PATCH TUESDAY: ADVISORIES PUBLISHED BY SIEMENS, ROCKWELL, MITSUBISHI ELECTRIC Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. May 15, 2024 VERMONT LEGISLATURE PASSES ONE OF THE STRONGEST DATA PRIVACY MEASURES IN THE COUNTRY Vermont legislature passed a bill that prohibits the sale of sensitive data, such as social security and drivers’ license numbers, financial or health information. May 14, 2024 MICROSOFT WARNS OF ACTIVE ZERO-DAY EXPLOITATION, PATCHES 60 WINDOWS VULNERABILITIES Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. May 14, 2024 ADOBE PATCHES CRITICAL FLAWS IN READER, ACROBAT Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software. May 14, 2024 SAP PATCHES CRITICAL VULNERABILITIES IN CX COMMERCE, NETWEAVER SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day. May 14, 2024 VMWARE PATCHES VULNERABILITIES EXPLOITED AT PWN2OWN 2024 VMware has patched three vulnerabilities exploited earlier this year at the Pwn2Own hacking competition. May 14, 2024 HACKER CONVERSATIONS: RON REITER, AND THE MAKING OF A PROFESSIONAL HACKER Ron Reiter was a childhood hacker in Israel. He was recruited into the IDF’s elite Unit 8200 for his military service. Now he is CTO and co-founder of cybersecurity firm Sentra. May 14, 2024 ATTACKERS USE DNS TUNNELING TO TRACK VICTIM ACTIVITY, SCAN NETWORKS Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures. May 14, 2024 GOOGLE PATCHES SECOND CHROME ZERO-DAY IN ONE WEEK Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week. May 14, 2024 STUDENT, PERSONNEL INFORMATION STOLEN IN CITY OF HELSINKI CYBERATTACK The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack. May 14, 2024 MITRE EMB3D THREAT MODEL OFFICIALLY RELEASED MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure. May 14, 2024 FCC WARNS OF ‘ROYAL TIGER’ ROBOCALL SCAMMERS The FCC has issued a public notice on robocall scammer group ‘Royal Tiger’, the first designated threat actor. May 14, 2024 ZSCALER CONFIRMS ONLY ISOLATED TEST SERVER WAS HACKED Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised. May 14, 2024 APPLE PATCH DAY: CODE EXECUTION FLAWS IN IPHONES, IPADS, MACOS Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS. May 13, 2024 CHINA AND US ENVOYS WILL HOLD FIRST TOP-LEVEL DIALOGUE ON ARTIFICIAL INTELLIGENCE China’s official Xinhua news agency said the two sides would take up issues including the technological risks of AI and global governance. May 13, 2024 More Articles Page 1 of 182312345Next ›Last » The leading global conference series for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity. Learn More APPLICATION SECURITY APPLICATION SECURITY ADOBE ADDS CONTENT CREDENTIALS AND FIREFLY TO BUG BOUNTY PROGRAM Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly. Ionut ArghireMay 1, 2024 APPLICATION SECURITY SAP APPLICATIONS INCREASINGLY IN ATTACKER CROSSHAIRS, REPORT SHOWS APPLICATION SECURITY MIGGO SECURITY GETS $7.5 MILLION SEED FUNDING TO BUILD ADR TECHNOLOGY APPLICATION SECURITY NIGHTVISION RAISES $5.4 MILLION FOR APPLICATION SECURITY TESTING CLOUD SECURITY CLOUD SECURITY WIZ RAISES $1 BILLION AT $12 BILLION VALUATION Cloud security giant Wiz has raised $1 billion, which brings the total funding to $1.9 billion, at a valuation of $12 billion. Eduard KovacsMay 7, 2024 ARTIFICIAL INTELLIGENCE GOOGLE DEBUTS NEW SECURITY PRODUCTS, HYPING AI AND MANDIANT EXPERTISE CISO STRATEGY MICROSOFT OVERHAULS CYBERSECURITY STRATEGY AFTER SCATHING CSRB REPORT CLOUD SECURITY LAYERX RAISES $26 MILLION FOR BROWSER SECURITY PLATFORM ICS/OT ICS/OT ICS PATCH TUESDAY: ADVISORIES PUBLISHED BY SIEMENS, ROCKWELL, MITSUBISHI ELECTRIC Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their products. Eduard Kovacs13 mins ago ICS/OT CINTERION MODEM FLAWS POSE RISK TO MILLIONS OF DEVICES IN INDUSTRIAL, OTHER SECTORS FUNDING/M&A TXONE NETWORKS SCORES $51M SERIES B EXTENSION ICS/OT FROM WARNINGS TO ACTION: PREPARING AMERICA’S INFRASTRUCTURE FOR IMMINENT CYBER THREATS * * * POPULAR TOPICS * Cybersecurity News * Industrial Cybersecurity SECURITY COMMUNITY * Virtual Cybersecurity Events * Webcast Library * CISO Forum * AI Risk Summit * ICS Cybersecurity Conference * Cybersecurity Newsletters STAY INTOUCH * Cyber Weapon Discussion Group * RSS Feed * Security Intelligence Group * Follow SecurityWeek on LinkedIn ABOUT SECURITYWEEK * Advertising * Event Sponsorships * Writing Opportunities * Feedback/Contact Us NEWS TIPS Got a confidential news tip? We want to hear from you. Submit Tip ADVERTISING Reach a large audience of enterprise cybersecurity professionals Contact Us DAILY BRIEFING NEWSLETTER Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox. * Privacy Policy Copyright © 2024 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved. Close