Tag: securityweek

Noteworthy stories that might have slipped under the radar: communications of dozens of Iranian ships disrupted, only apps from verified developers will run on Android devices, and AI used across multiple phases of malicious attacks. The post In Other News:…

Read more →

The credit reporting firm did not name the third-party application involved in the incident, only noting that it was used for its US consumer support operations. The post TransUnion Data Breach Impacts 4.4 Million appeared first on SecurityWeek. This article…

Read more →

Google says the same OAuth token compromise that enabled Salesforce data theft also let hackers access a small number of Workspace accounts via the Salesloft Drift integration. The post Google Confirms Workspace Accounts Also Hit in Salesforce–Salesloft Drift Data Theft…

Read more →

Storm-0501 has been leveraging cloud-native capabilities for data exfiltration and deletion, without deploying file-encrypting malware. The post Ransomware Group Exploits Hybrid Cloud Gaps, Gains Full Azure Control in Enterprise Attacks appeared first on SecurityWeek. This article has been indexed from…

Read more →

US Treasury sanctions Russian and Chinese entities tied to North Korea’s use of fake IT workers, who exploited stolen identities, AI, and malware to funnel millions back to Pyongyang. The post US Sanctions Russian National, Chinese Firm Aiding North Korean…

Read more →

State officials confirm ransomware forced office closures, disrupted services, and led to data theft, as Nevada works with CISA and law enforcement to restore critical systems. The post Nevada Confirms Ransomware Attack Behind Statewide Service Disruptions appeared first on SecurityWeek.…

Read more →

China-linked APT ‘Salt Typhoon’ exploited known router flaws to maintain persistent access across telecom, government, and military networks, giving Beijing’s intelligence services global surveillance reach. The post China’s Salt Typhoon Hacked Critical Infrastructure Globally for Years appeared first on SecurityWeek.…

Read more →

CrowdStrike says the acquisition will bring valuable technology to enhance its Falcon Next-Gen SIEM. The post CrowdStrike to Acquire Onum to Fuel Falcon Next-Gen SIEM With Real-Time Telemetry appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read…

Read more →

Join this live discussion to learn how organizations can strengthen ransomware defenses while staying ahead of tightening compliance requirements. The post Webinar Today: Ransomware Defense That Meets Evolving Compliance Mandates appeared first on SecurityWeek. This article has been indexed from…

Read more →

With more than 4 million weekly downloads, the Nx build platform became the first known supply chain breach where hackers weaponized AI assistants for data theft. The post Hackers Target Popular Nx Build System in First AI-Weaponized Supply Chain Attack…

Read more →

AI-powered phishing attacks leverage ConnectWise ScreenConnect for remote access, underscoring their sophistication. The post Hackers Weaponize Trust with AI-Crafted Emails to Deploy ScreenConnect appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Hackers Weaponize…

Read more →

Google researchers say China-linked UNC6384 combined social engineering, signed malware, and adversary-in-the-middle attacks to evade detection. The post China-Linked Hackers Hijack Web Traffic to Deliver Backdoor appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

Google says the hackers systematically exported corporate data, focusing on secrets such as AWS and Snowflake keys. The post Hundreds of Salesforce Customers Hit by Widespread Data Theft Campaign appeared first on SecurityWeek. This article has been indexed from SecurityWeek…

Read more →

State websites and phone lines were taken offline, but officials say emergency services and personal data remain unaffected. The post Nevada State Offices Closed Following Disruptive Cyberattack appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →

Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide. The post Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Infostealers: The…

Read more →

Proof-of-concept ransomware uses AI models to generate attack scripts in real time. The post PromptLock: First AI-Powered Ransomware Emerges appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: PromptLock: First AI-Powered Ransomware Emerges

Read more →

Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies. The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Citrix…

Read more →

Building secure AI agent systems requires a disciplined engineering approach focused on deliberate architecture and human oversight. The post Beyond the Prompt: Building Trustworthy Agent Systems appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…

Read more →

The personal information of many individuals was stolen from Healthcare Services Group’s computer systems in 2024. The post Healthcare Services Group Data Breach Impacts 624,000 appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article:…

Read more →

A critical vulnerability in Docker Desktop allows attackers to modify the filesystem of Windows hosts to become administrators. The post Docker Desktop Vulnerability Leads to Host Compromise appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…

Read more →