Category: SecurityWeek

Threat actors have started exploiting critical-severity vulnerabilities in ServiceNow shortly after public disclosure.

The post Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks appeared first on SecurityWeek.

Noteworthy stories that might have slipped under the radar: FBI article on agency’s Cyber Action Team, data of Pentagon IT provider Leidos leaked, Nigerian cybercriminal sentenced to 12 years in prison.

The post In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison appeared first on SecurityWeek.

The US is offering a reward of up to $10 million for information on Rim Jong Hyok, a member of the North Korean hacking group APT45.

The post US Offers $10 Million Reward for Information on North Korean Hacker appeared first on SecurityWeek.

A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits.

The post PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models  appeared first on SecurityWeek.

CrowdStrike says 97% of Windows systems impacted by its bad update are back online, just as an insurer predicts billions in losses for major companies.

The post 97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses appeared first on SecurityWeek.

A man who allegedly carried out attacks for a North Korean military intelligence agency has been indicted in a conspiracy to hack healthcare firms, NASA, military bases and other entities.

The post North Korean Charged in Ransomware Attacks on American Hospitals appeared first on SecurityWeek.

Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.

The post Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads appeared first on SecurityWeek.

The latest BIND security updates address remotely exploitable vulnerabilities leading to denial-of-service.

The post BIND Updates Resolve High-Severity DoS Vulnerabilities appeared first on SecurityWeek.

Stargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories.

The post Network of 3,000 GitHub Accounts Used for Malware Distribution appeared first on SecurityWeek.

A fresh Mandiant report documents North Korea’s APT45 as a distinct hacking team conducting cyberespionage and ransomware operations.

The post Mandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military Machine appeared first on SecurityWeek.