Conduent Confirms Cyberattack After Government Agencies Report Outages
Conduent has confirmed suffering disruptions due to a cyberattack after government agencies reported service outages. The post Conduent Confirms Cyberattack After Government Agencies Report Outages appeared first on SecurityWeek.
Read More
Ransomware Groups Abuse Microsoft Services for Initial Access
Two separate threat actors have been observed abusing Microsoft 365 services and exploiting default Microsoft Teams configurations to initiate conversations with internal users, Sophos warns. Operating Microsoft 365 tenants, the two hacking groups launched at least 15 attacks over the past three months, likely aiming to compromise organizations for ransomware deployment and data theft. Tracked […]
Read More
Cyber Insights 2025: Attack Surface Management
SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect in Attack Surface Management. Business transformation is redefining attack surface management (ASM). […]
Read More
Students, Educators Impacted by PowerSchool Data Breach
California-based education tech giant PowerSchool is notifying students and educators that their personal information was compromised in a December 2024 data breach. The incident, the company says, was identified on December 28 and only involved its Student Information System (SIS) environments, which were accessed through the PowerSource community-focused customer support portal. According to PowerSchool, the […]
Read More
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes
A Washington man has admitted in court to being involved in multiple fraud schemes that caused losses of more than $600,000. The man, Marco Raquan Honesty, 28, admitted that, throughout 2021 and into 2022, he engaged in COVID relief fraud, smishing scams, bank account takeover, forged money orders, and other fraud schemes. Honesty engaged in […]
Read More
Social Media Security Firm Spikerz Raises $7 Million
Social media security startup Spikerz last week announced raising $7 million in a seed funding round. The investment was led by Disruptive AI, with participation from previous investor Horizon Capital, as well as Wix Ventures, Storytime Capital, and BDMI. Spikerz said the funding will enable it to accelerate the development of its platform, expand its […]
Read More
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities
Kaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz infotainment system, but the carmaker has assured customers that the security holes have been patched and they are not easy to exploit. Kaspersky’s research of the Mercedes-Benz head unit, called Mercedes-Benz User Experience (MBUX), built on previous research conducted by a […]
Read More
FCC Taking Action in Response to China’s Telecoms Hacking
The Federal Communications Commission has adopted a declaratory ruling requiring telecommunications providers to secure their networks against cybersecurity threats. The ruling, for which the FCC currently seeks public comment, will also require wireless carriers to submit annual certification to the commission, proving that they have a cybersecurity risk management plan in place. “There is a […]
Read More
CISA, FBI Update Software Security Recommendations
The US cybersecurity agency CISA and the FBI have updated their guidance on risky software security bad practices to include the feedback received during a public comment period. Called Product Security Bad Practices, the guidance provides an overview of the security practices considered exceptionally risky, provides recommendations on addressing them, and urges makers of software […]
Read More
HPE Investigating Breach Claims After Hacker Offers to Sell Data
HPE has launched an investigation after a well-known hacker announced the sale of information allegedly stolen from the tech giant’s systems. The notorious hacker IntelBroker announced on January 16 on a cybercrime forum that he is selling files obtained from HPE systems. The compromised data allegedly includes source code for products such as Zerto and […]
Read More