Warning: Tunnel of Love Leads to Scams
Romance-baiting losses were up 40% last year, as more and more pig-butchering efforts crop up in the wild.
darkreading – Read More
Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition
In the latest edition of “Rising Tides” we talk with Lesley Carhart, Technical Director of Incident Response at Dragos.
The post Rising Tides: Lesley Carhart on Bridging Enterprise Security and OT—and Improving the Human Condition appeared first on SecurityWeek.
SecurityWeek – Read More
In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool
Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool.
The post In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool appeared first on SecurityWeek.
SecurityWeek – Read More
SonicWall Firewall Vulnerability Exploited After PoC Publication
The exploitation of a recent SonicWall vulnerability has started shortly after proof-of-concept (PoC) code was published.
The post SonicWall Firewall Vulnerability Exploited After PoC Publication appeared first on SecurityWeek.
SecurityWeek – Read More
SGNL Raises $30 Million for Identity Management Solution
Identity management provider SGNL has raised $30 million in a Series A funding round led by Brightmind Partners.
The post SGNL Raises $30 Million for Identity Management Solution appeared first on SecurityWeek.
SecurityWeek – Read More
Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks
China-linked APT Salt Typhoon has been exploiting known vulnerabilities in Cisco devices in attacks on telecom providers in the US and abroad.
The post Salt Typhoon Targeting Old Cisco Vulnerabilities in Fresh Telecom Hacks appeared first on SecurityWeek.
SecurityWeek – Read More
New Windows Zero-Day Exploited by Chinese APT: Security Firm
ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.
The post New Windows Zero-Day Exploited by Chinese APT: Security Firm appeared first on SecurityWeek.
SecurityWeek – Read More
Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure
Attempts to exploit CVE-2024-0108, an authentication bypass vulnerability in Palo Alto firewalls, started one day after disclosure.
The post Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure appeared first on SecurityWeek.
SecurityWeek – Read More
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7.
The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql.
“An
The Hacker News – Read More
Roundtable: Is DOGE Flouting Cybersecurity for US Data?
Cybersecurity experts weigh in on the red flags flying around the new Department of Government Efficiency’s handling of the mountains of US data it now has access to, potentially without basic information security protections in place.
darkreading – Read More