News

Spanish authorities have announced the arrest of an individual suspected of being a hacker who has claimed attacks on dozens of organizations.  Police said the unnamed man — described as a “dangerous hacker” — was arrested in the town of Calpe in Spain’s Alicante province, for allegedly launching cyberattacks on more than 40 organizations and leaking stolen data. Investigators searched the suspect’s home, seized electronic devices, and identified more than 50 cryptocurrency accounts. According to…

Read More

Virtual conference will explore cybersecurity use-cases for artificial intelligence (AI) technology and the race to protect LLM algorithms from adversarial use. SecurityWeek will host its 2023 Cyber AI & Automation Summit on December 6, 2023 as a fully immersive virtual conference, showcasing prominent technologists discussing the burgeoning AI-powered security landscape. The Cyber AI & Automation Summit will feature keynotes and editorial presentations from Chief Information Security Officers (CISOs), software developers, policy analysts, government representatives and…

Read More

Open-source file-sharing and collaboration software ownCloud is plagued by critical vulnerabilities that could lead to the exposure of credentials and other sensitive information and to authentication and validation bypass. The most serious issue, which carries a CVSS score of 10/10, impacts the graphapi app, which uses a third-party library providing a URL that, when accessed, reveals the PHP environment’s configuration details (phpinfo). “This information includes all the environment variables of the webserver. In containerized deployments,…

Read More

A North Korean threat group breached a Taiwanese software company and leveraged its systems to deliver malware to devices in North America and Asia, Microsoft reported this week. The threat actor is tracked by the tech giant as Diamond Sleet (Zinc). Previously described as a sub-group of the notorious Lazarus, the hacker gang has been conducting attacks for data theft, espionage, destruction and financial gain. In the past, it was observed targeting security researchers, penetration…

Read More

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More

Computer chip and software maker Broadcom has announced it has cleared all regulatory hurdles and plans to complete its $69 billion acquisition of cloud technology company VMware on Wednesday. The company, based in San Jose, California, announced it planned to move ahead with the deal after China joined the list of countries that had given a go-ahead for the acquisition. Broadcom is paying $61 billion in cash and stock for VMware and taking on $8…

Read More

End-to-end generative AI security startup Lasso Security has emerged from stealth mode with $6 million in a seed funding round led by Entrée Capital, with additional investment from Samsung Next. Established earlier this year, the Tel Aviv-based company is building technology to tackle the cyber threats faced by generative AI and large language models (LLMs) and prevent data exposure, and security and compliance risks. By protecting every LLM touchpoint, Lasso wants to help secure businesses…

Read More