Security Week Home

A researcher has disclosed the details of a 2FA bypass vulnerability affecting Instagram and Facebook.

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment in cybersecurity.

Lexmark warns of a remote code execution (RCE) vulnerability impacting over 120 printer models, for which PoC code has been published.

The latest BIND updates patch multiple remotely exploitable vulnerabilities that could lead to denial-of-service (DoS).

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.

Iranian APT Moses Staff is leaking data stolen from Saudi Arabia government ministries under the recently created Abraham’s Ax persona

US government reminds the public that a reward of up to $10 million is offered for information on cybercriminals, including members of the Hive operation.

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Tenable has launched a $25 million venture fund to place bets on early-stage startups in the exposure management space.

Zacks Investment Research is informing 820,000 individuals that their personal data was compromised in a data breach.

How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.

The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

The UK’s NCSC has issued a security advisory to warn about spearphishing campaigns conducted by two unrelated Russian and Iranian hacker groups.