Government agencies in the US, Canada, Australia and New Zealand have issued joint guidance for improving the security of communications infrastructure in response to espionage attacks conducted by China-linked threat actors against major telecommunications providers. The guidance provides recommendations for strengthening visibility into organizations’ network traffic, user activity, and data flow, which makes it easier […]

SecurityWeek’s Cyber AI & Automation Summit will take place today, December 4th, as a fully immersive online experience. Sessions will run from 11AM – 4PM ET. SecurityWeek’s 2024 Cyber AI & Automation Summit discusses the revolutionary role of AI, machine learning, and automation in cybersecurity. Attendees can expect robust talks on practical use-cases for AI-enabled security, the […]

Most of the security professionals I’ve worked with over the course of my career have been sincere, talented, constructive players. These types of people know that the whole is greater than the sum of the parts, and they work collaboratively to build up both their peers and the broader teams that they work within. Unfortunately, […]

Google on Tuesday announced patches for 14 high-severity vulnerabilities as part of Android’s December 2024 security update, including a remote code execution flaw in the System component. The first part of the update, which arrives on devices as the 2024-12-01 security patch level, resolves six security defects in the Framework and System components, five of […]

Some decentralized application developers this week downloaded backdoored versions of the Solana Web3.js library after an attacker compromised a GitHub account with publish rights. Solana Web3.js is a JavaScript library that developers commonly use to build decentralized applications (dapps) for Node, web, and React Native. With over 400,000 weekly downloads, the library ensures communication between […]

Law enforcement agencies announced on Tuesday that they have taken down yet another encrypted messaging service used by criminals, but not before spying on its users.  Europol said police and other agencies in France, Germany, Netherlands, Italy, Lithuania and Spain have targeted a service named Matrix, whose existence came to light during an investigation into […]

Federal authorities on Tuesday urged telecommunication companies to boost network security following a sprawling Chinese hacking campaign that gave officials in Beijing access to private texts and phone conversations of an unknown number of Americans. The guidance issued by the FBI and the Cybersecurity and Infrastructure Security Agency is intended to help root out the […]

The Council of the European Union on Monday announced the adoption of two new laws meant to improve the overall cybersecurity across the EU. The two new laws in the cybersecurity package establish a cybersecurity shield that calls for member states to cooperate in detecting and responding to cyberattacks, and amend the EU’s Cybersecurity Act […]

Amazon Web Services (AWS) and other vendors announced new cloud security products and features at the re:Invent 2024 conference hosted by AWS. AWS made several announcements. It launched an incident response service designed to provide organizations with quick and effective security incident management capabilities.  The cloud giant also announced extended threat detection capabilities for Amazon […]

The U.S. Commerce Department has expanded the list of Chinese technology companies subject to export controls to include many that make equipment used to make computer chips, chipmaking tools and software. The 140 companies newly included in the so-called “entity list” are nearly all based in China. But some are Chinese-owned businesses in Japan, South […]