SecurityWeek will host its 2024 Attack Surface Management Summit as a fully immersive virtual event on Wednesday, September 18th.
The post SecurityWeek to Host 2024 Attack Surface Management Summit Today appeared first on SecurityWeek.
Threat Actors Target Accounting Software Used by Construction Contractors
Malicious hackers are caught brute-forcing Foundation Accounting Software at scale, compromising organizations in the construction industry.
The post Threat Actors Target Accounting Software Used by Construction Contractors appeared first on SecurityWeek.
North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs
A North Korean group tracked as UNC2970 has been spotted trying to deliver new malware to people in the aerospace and energy industries.
The post North Korean Hackers Lure Critical Infrastructure Employees With Fake Jobs appeared first on SecurityWeek.
Australian Police Infiltrate Encrypted Messaging App Ghost and Arrest Dozens
Australian police have infiltrated encrypted messaging app Ghost, which has been used for illegal activities, and arrested dozens of people.
The post Australian Police Infiltrate Encrypted Messaging App Ghost and Arrest Dozens appeared first on SecurityWeek.
Joint ODNI, FBI, and CISA Statement
CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities
CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them.
The post CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities appeared first on SecurityWeek.
Chrome 129 Patches High-Severity Vulnerability in V8 Engine
Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine.
The post Chrome 129 Patches High-Severity Vulnerability in V8 Engine appeared first on SecurityWeek.
Why Pay A Pentester?
The evolution of software always catches us by surprise. I remember betting against the IBM computer Deep Blue during its chess match against the grandmaster Garry Kasparov in 1997, only to be stunned when the machine claimed victory. Fast forward to today, would we have imagined just three years ago that a chatbot could write essays, handle customer support calls, and even craft commercial
AT&T to Pay $13 Million in Settlement Over 2023 Data Breach
AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach at a third-party vendor’s cloud environment.
The post AT&T to Pay $13 Million in Settlement Over 2023 Data Breach appeared first on SecurityWeek.
North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware
A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN.
The activity cluster is being tracked by Google-owned Mandiant under the moniker UNC2970, which it said overlaps with a threat group known as TEMP.Hermit, which is
The activity cluster is being tracked by Google-owned Mandiant under the moniker UNC2970, which it said overlaps with a threat group known as TEMP.Hermit, which is