Page 2
-
DHS warns of heightened cyber threat as US enters Iran conflict
Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.
-
Aflac discloses cyber intrusion linked to wider crime spree targeting insurance industry
The breach marks the latest in a series of recent attacks linked to cybercrime group Scattered Spider.
Updated June 20, 2025 -
AWS CISO stumps for security as an AI enabler
AI’s rapid development underscores the need for secure foundations, Amy Herzog said Tuesday during the company’s annual cybersecurity conference.
-
Researchers urge vigilance as Veeam releases patch to address critical flaw
The patch for a previously disclosed vulnerability in the company’s backup software did not offer adequate protection, according to researchers.
-
Critical Zyxel vulnerability under active exploitation after long period of quiet
Researchers say a sudden burst of activity could be linked to a Mirai botnet variant.
-
Cloud storage buckets leaking secret data despite security improvements
New data from Tenable highlighted significant improvements in the number of businesses with publicly exposed and critically vulnerable buckets storing sensitive data.
-
FTC reminds car dealers to protect customer data
The commission described how recently updated federal regulations affect dealerships — and their vendors.
Updated June 17, 2025 -
Threat group linked to UK, US retail attacks now targeting insurance industry
The warning from Google researchers follows a recent incident at Erie Insurance, although the perpetrators of that attack have not been identified.
-
US critical infrastructure could become casualty of Iran-Israel conflict
Researchers warn that Iran-aligned threat groups could soon target U.S. companies and individuals in cyber espionage or sabotage attacks.
-
Cyberattacks top list of global business concerns, Kroll finds
Many companies feel unprepared to comply with global privacy and security rules, according to the advisory firm’s annual business sentiment survey.
-
SEC scraps proposed cybersecurity rules for investment advisers, market participants
The commission offered no rationale for removing rules that would have imposed security requirements on financial services providers.
Updated June 16, 2025 -
CISA warns of supply chain risks as ransomware attacks exploit SimpleHelp flaws
The latest confirmed cyber intrusion hit a utility billing software provider and its customers.
-
Software vulnerabilities pile up at government agencies, research finds
A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.
-
Critical flaw in Microsoft Copilot could have allowed zero-click attack
Researchers said the vulnerability, dubbed “EchoLeak,” could allow a hacker to access data without any specific user interaction.
Updated June 11, 2025 -
How AI agents could revolutionize the SOC — with human help
AI agents aren’t foolproof, but they could soon replace some of the most common tasks for cyber defenders.
-
Global law-enforcement operation targets infostealer malware
Authorities in three countries arrested 32 people and seized dozens of servers.
-
UNFI’s operations remain hobbled following cyberattack
The grocery company had to entirely shut down its network following the intrusion and is serving customers on only a “limited basis” as it works to recover, CEO Sandy Douglas said.
-
From malware to deepfakes, generative AI is transforming attacks
Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner.
-
Marks & Spencer restores some online-order operations following cyberattack
The department store chain six weeks ago was one of the first targets in an international spree of attacks disrupting retailers.
-
Main distributor to Whole Foods hit by cyberattack
UNFI, a grocery retailer and wholesaler, is working to resume full operations following “unauthorized activity” involving its IT systems.
-
SentinelOne rebuffs China-linked attack — and discovers global intrusions
The security firm said the operatives who tried to breach it turned out to be responsible for cyberattacks on dozens of critical infrastructure organizations worldwide.
Updated June 9, 2025 -
Scattered Spider targeting MSPs, IT vendors in social engineering campaigns
The same group is believed to be behind a wave of attacks against retailers in the UK, the US and elsewhere.
-
Opinion
Gartner: How to create a compelling SOC narrative for executives
Focus on financial impact, efficiency and risk management to ensure informed cybersecurity investment decisions.
-
Trump scraps Biden software security, AI, post-quantum encryption efforts in new executive order
The White House accused the Biden administration of trying to “sneak problematic and distracting issues into cybersecurity policy.”
-
Data security is a CX issue, too
A string of cyberattacks have targeted retailers like Adidas and North Face. Incidents like these can weaken customer trust and lead to lost business, experts say.