Former NSA Director Rob Joyce Joins DataTribe as Venture Partner
Former NSA director Rob Joyce has joined venture capital firm DataTribe as a venture partner to help identify and grow early-stage startups focused on cybersecurity. DataTribe, which describes itself as a cyber startup foundry, said Joyce will be a venture partner tasked with finding entrepreneurs developing new and emerging technologies for cyber defense. Joyce, who […]
Read More
Chinese Tech Companies Tencent, CATL and Others Protest US Listings as Army-Linked Companies
The U.S. Defense Department has added dozens of Chinese companies, including games and technology company Tencent, artificial intelligence firm SenseTime and the world’s biggest battery maker CATL, to a list of companies it says have ties to China’s military, prompting some to protest and say they will seek to have the decision reversed. In recent […]
Read More
Dell, HPE, MediaTek Patch Vulnerabilities in Their Products
Hardware makers MediaTek, HPE and Dell on Monday released advisories to inform customers about potentially serious vulnerabilities found and patched in their products. Taiwanese semiconductor company MediaTek announced patches for a dozen vulnerabilities, including a critical-severity flaw in the modem component of tens of chipsets that could lead to remote code execution (RCE). Tracked as […]
Read More
Washington Attorney General Sues T-Mobile Over 2021 Data Breach
Washington State Attorney General Bob Ferguson on Monday filed a lawsuit against wireless carrier T-Mobile over a 2021 data breach. Disclosed in August 2021, the attack resulted in the personal information of 76.6 million people being stolen. The next year, T-Mobile agreed to pay $350 million to settle a class action lawsuit over the incident, […]
Read More
CISA: No Federal Agency Beyond Treasury Impacted by BeyondTrust Incident
The US cybersecurity agency CISA on Monday said that no other federal agency beyond the Department of the Treasury was impacted by the recent ‘major cybersecurity incident’ involving a BeyondTrust cloud-based service. Disclosed on December 31, the attack resulted in Chinese state-sponsored hackers accessing Treasury workstations and unclassified documents using a compromised API key for […]
Read More
Critical Infrastructure Ransomware Attack Tracker Reaches 2,000 Incidents
Roughly 2,000 ransomware attacks were launched over the past decade against critical infrastructure organizations in the United States and other countries, according to data collected as part of a project maintained at Temple University in Philadelphia. SecurityWeek first wrote about the project in 2020, when it covered more than 680 ransomware attacks targeting critical infrastructure. […]
Read More
China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks
China has slammed a decision by the U.S. Treasury to sanction a Beijing-based cybersecurity company for its alleged role in multiple hacking incidents targeting critical U.S. infrastructure, while the Chinese cyber security agency complained Monday of attacks on Chinese networks. Asked about the sanctions against Beijing-based Integrity Technology Group, Chinese Foreign Ministry spokesperson Guo Jiakun […]
Read More
Anticipating the Cyber Frontier: Top Predictions for 2025
The year 2024 witnessed heightened cybersecurity activity, with security professionals and adversaries locked in a continuous game of cat and mouse. The dynamic nature of cyber threats and the ever-expanding digital attack surface have compelled organizations to refine and bolster their security architectures. Despite hopes for a respite from the relentless tide of phishing, ransomware, […]
Read More
Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024
Nearly $500 million in cryptocurrency was stolen from more than 332,000 victims in 2024 by means of wallet drainer malware, anti-scam firm Scam Sniffer says. Wallet drainers trick victims into signing malicious transactions, which results in their assets being stolen. Last year, wallet drainer malware caused losses of approximately $494 million, marking a 67% year-over-year […]
Read More
Code Execution Flaw Found in Nuclei Vulnerability Scanner
A security defect in the Nuclei vulnerability scanner could have allowed threat actors to execute arbitrary code using custom code templates. Relying on simple YAML-based templates, Nuclei is a highly popular vulnerability scanner that can be used with a broad range of assets and which has more than 21,000 stars on GitHub and over 2.1 […]
Read More