OT Security Responsibility Is Elevating to Executive Leadership
New research delves into the state of operational technology (OT) cybersecurity.
DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
A threat actor with suspected ties to India has been observed targeting a European foreign affairs ministry with malware capable of harvesting sensitive data from compromised hosts. The activity has been attributed by Trellix Advanced Research Center to an advanced persistent threat (APT) group called DoNot Team, which is alsoRead More »DoNot APT Expands Operations, Targets European Foreign Ministries with LoptikMod Malware
Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack
Nippon Steel Solutions has disclosed a data breach that resulted from the exploitation of a zero-day in network equipment. The post Nippon Steel Subsidiary Blames Data Breach on Zero-Day Attack appeared first on SecurityWeek.
Samsung Announces Security Improvements for Galaxy Smartphones
New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security. The post Samsung Announces Security Improvements for Galaxy Smartphones appeared first on SecurityWeek.
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Tuesday sanctioned a member of a North Korean hacking group called Andariel for their role in the infamous remote information technology (IT) worker scheme. The Treasury said Song Kum Hyok, a 38-year-old North Korean national with anRead More »U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
Yet Another Strava Privacy Leak
This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards. in 2018, it was secret US military bases.) This is ridiculous. Why do people continue to make their data public?
ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact
Industrial solutions providers Siemens, Schneider Electric and Phoenix Contact have released July 2025 Patch Tuesday ICS security advisories. The post ICS Patch Tuesday: Vulnerabilities Addressed by Siemens, Schneider, Phoenix Contact appeared first on SecurityWeek.
How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that handles malware alerts withRead More »How To Automate Ticket Creation, Device Identification and Threat Triage With Tines
Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking
Multiple vulnerabilities in Ruckus Wireless management products could be exploited to fully compromise the managed environments. The post Unpatched Ruckus Vulnerabilities Allow Wireless Environment Hacking appeared first on SecurityWeek.
Canadian Electric Utility Says Power Meters Disrupted by Cyberattack
Nova Scotia Power is notifying individuals affected by the recent data breach, including in the United States. The post Canadian Electric Utility Says Power Meters Disrupted by Cyberattack appeared first on SecurityWeek.