Business resilience must be the ultimate purpose of all the security controls and processes we employ, because we will never conclusively defeat or protect ourselves from social engineering. The post Cyber Insights 2025: Social Engineering Gets AI Wings appeared first on SecurityWeek.
Pwn2Own Automotive 2025 has come to an end and participants have earned a total of $886,000 for exploits targeting EV chargers and infotainment systems. The post Hackers Earn $886,000 at Pwn2Own Automotive 2025 for Charger, OS, Infotainment Exploits appeared first on SecurityWeek.
Eclypsium warns that Palo Alto Networks firewalls are impacted by BIOS and bootloader flaws, but the vendor says users should not be concerned. The post Palo Alto Networks Addresses Impact of BIOS, Bootloader Vulnerabilities on Its Firewalls appeared first on SecurityWeek.
Conduent has confirmed suffering disruptions due to a cyberattack after government agencies reported service outages. The post Conduent Confirms Cyberattack After Government Agencies Report Outages appeared first on SecurityWeek.
Two separate threat actors have been observed abusing Microsoft 365 services and exploiting default Microsoft Teams configurations to initiate conversations with internal users, Sophos warns. Operating Microsoft 365 tenants, the two hacking groups launched at least 15 attacks over the past three months, likely aiming to compromise organizations for ransomware deployment and data theft. Tracked […]
SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect in Attack Surface Management. Business transformation is redefining attack surface management (ASM). […]
California-based education tech giant PowerSchool is notifying students and educators that their personal information was compromised in a December 2024 data breach. The incident, the company says, was identified on December 28 and only involved its Student Information System (SIS) environments, which were accessed through the PowerSource community-focused customer support portal. According to PowerSchool, the […]
A Washington man has admitted in court to being involved in multiple fraud schemes that caused losses of more than $600,000. The man, Marco Raquan Honesty, 28, admitted that, throughout 2021 and into 2022, he engaged in COVID relief fraud, smishing scams, bank account takeover, forged money orders, and other fraud schemes. Honesty engaged in […]
Social media security startup Spikerz last week announced raising $7 million in a seed funding round. The investment was led by Disruptive AI, with participation from previous investor Horizon Capital, as well as Wix Ventures, Storytime Capital, and BDMI. Spikerz said the funding will enable it to accelerate the development of its platform, expand its […]
Kaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz infotainment system, but the carmaker has assured customers that the security holes have been patched and they are not easy to exploit. Kaspersky’s research of the Mercedes-Benz head unit, called Mercedes-Benz User Experience (MBUX), built on previous research conducted by a […]