SecurityWeek RSS Feed

Researchers Abuse Apple's Find My Network for Data Upload

Security researchers have discovered a way to leverage Apple's Find My's Offline Finding network to upload data from devices, even those that do not have a Wi-Fi or mobile network connection. read more

Rapid7 Source Code Exposed in Codecov Supply Chain Attack

Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach read more

Vendor Survey vs Reality on SASE Implementation

Gartner believes it will be four years before the market achieves two-thirds of the position a WSJ Intelligence and Forcepoint survey says is already achieved read more

Biden to Bring Up Russian Hackers Issue With Putin

President Joe Biden said Thursday that Vladimir Putin was not connected to a Russia-based criminal cyber attack on a huge US fuel pipeline but that he will raise the issue at an expected summit. read more

Citrix Patches Vulnerability in Workspace App for Windows

Citrix this week announced that it has patched a local privilege escalation vulnerability in the Citrix Workspace app for Windows. read more

Verizon DBIR 2021: Ransomware, Web App and Phishing Attacks Dominate

Data breaches from 2020 show that not much has changed over the last year: businesses continue to struggle with the basics of securing web apps, cloud deployments and educating employees read more

Microsoft Warns of Attacks on Aerospace, Travel Sectors

Organizations in the aerospace and travel sectors have been targeted in the past months in a campaign aimed at infecting victims with remote access Trojans (RAT) and other types of malware, Microsoft warns. read more

Query.AI Launches With Security Investigations Platform, $4.6 Million Seed Funding

Query.AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding. The funding came from ClearSky Security, DNX Ventures, and South Dakota Equity Partners, and Query.AI says it will be used to accelerate adoption of its product. read more

Security Automation: Data is More Important Than Process

Automation can't be just about running the process, but must include three important stages read more

UK Foreign Secretary Calls for Cooperation on Cybersecurity

U.K. Foreign Secretary Dominic Raab on Wednesday urged global cooperation to combat cyberattacks by "hostile state actors" and criminal gangs. Raab also pledged 22 million pounds ($31 million) in support to "vulnerable" countries in Africa and the Indo-Pacific to improve their digital defense capacity. read more

Green Energy Company Volue Hit by Ransomware

Norway-based green energy solutions provider Volue has been working on restoring systems after being targeted in a ransomware attack. read more

Colonial Pipeline Initiates Restart of Pipeline Operations After Ransomware Attack

Colonial Pipeline read more

Tech Audit of Colonial Pipeline Found 'Glaring' Problems

An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found "atrocious" information management practices and "a patchwork of poorly connected and secured systems," its author told The Associated Press. read more

Biden Signs Order to Beef Up Federal Cyber Defenses

President Joe Biden signed an executive order Wednesday meant to strengthen U.S. cybersecurity defenses in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country's public and private sectors are to high-tech spies and criminals operating from half a world away. read more

Asset Discovery Provider Panaseer Raises $26.5 Million

Asset and security control management provider Panaseer on Wednesday announced a new $26.5 million round of funding, bringing the total investment in the company up to $43 million. read more

Inside The UK's Active Cyber Defense Program

Active Cyber Defence (ACD) program

UK's National Cyber Security Centre highlights the success of its Active Cyber Defence (ACD) program read more

Apple Removed 95,000 Fraudulent Applications From App Store in 2020

In 2020, Apple removed or rejected hundreds of thousands of applications from the App Store for engaging in various forms of fraudulent behavior, including spam, mischief, and privacy violations. read more

Security Researchers Dive Into DarkSide Ransomware

Following the ransomware attack that impacted the pipeline operated by Georgia-based Colonial Pipeline, security firms are providing detailed information on the cybercriminal gang behind the attack. read more

Industry Reactions to Ransomware Attack on Colonial Pipeline

Industry reactions to Colonial Pipeline ransomware attack read more

Jamf to Acquire Wandera for $400 Million to Bring Zero Trust to Apple Ecosystem

Acquisition will extend Jamf's Zero Trust Network Access, threat defense and data policy enforcement for Apple devices read more

Distributed by