Google Chrome Hit in Another Mysterious Zero-Day Attack
Google late Tuesday shipped another urgent security patch for its dominant Chrome browser and warned that attackers are exploiting one of the zero-days in active attacks.
read more
Pulse Secure Zero-Day Flaw Actively Exploited in Attacks
Multiple threat actors are actively engaged in the targeting of four vulnerabilities in Pulse Secure VPN appliances, including a zero-day identified this month that won't be patched until next month.
read more
Passwordless Authentication Firm HYPR Raises $35 Million
HYPR, a company that provides cloud-based passwordless authentication platform, has raised $35 million in a Series C financing, doubling the company’s total funding to more than $70 million.
read more
Japan Says Chinese Military Likely Behind Cyberattacks
Tokyo police are investigating cyberattacks on about 200 Japanese companies and research organizations, including the country’s space agency, by a hacking group believed to be linked to the Chinese military, the government said Tuesday.
read more
Firefox 88 Combats Cross-Site Tracking to Improve User Privacy
Mozilla this week released Firefox 88 in the stable channel with patches for a dozen vulnerabilities and with improved user privacy, obtained through isolating the window.name property to the website that created it.
read more
US Takes Steps to Protect Electric System From Cyberattacks
The Biden administration is taking steps to protect the country’s electric system from cyberattacks through a new 100-day initiative combining federal government agencies and private industry.
read more
Druva Raises $147 Million at $2 Billion Valuation
California-based cloud data protection and management firm Druva on Monday announced raising another $147 million, which brings the company’s valuation to more than $2 billion.
read more
SaaS Security Company Grip Security Emerges From Stealth
SaaS security company Grip Security on Tuesday emerged from stealth mode and announced raising $6 million in seed funding.
read more
Car Insurance Company GEICO Discloses Data Breach
American auto insurance provider GEICO has disclosed a cyber-incident that resulted in driver’s license numbers being compromised.
A wholly owned subsidiary of Berkshire Hathaway, the Government Employees Insurance Company (GEICO) is the second largest car insurer in the United States,...
Mastercard Acquires Digital Identity Verification Firm Ekata for $850 Million
Mastercard on Monday announced that it’s acquiring digital identity verification company Ekata for $850 million.
The acquisition of Seattle-based Ekata is part of Mastercard’s plan to boost its identity verification capabilities.
read more
Supreme Court Asked to Give Access to Secretive Court’s Work
Civil liberties groups are asking the Supreme Court to give the public access to opinions of the secretive court that reviews bulk email collection, warrantless internet searches and other government surveillance programs.
read more
Russian Security Vendor Positive Technologies Responds to U.S. Sanctions
Following sanctions announced by the U.S. Department of the Treasury last week, Russian cyber-security firm Positive Technologies says the accusations are groundless.
read more
WordPress 5.7.1 Patches XXE Flaw in PHP 8
WordPress has released version 5.7.1 of its popular content management system (CMS), which brings more than 25 bug fixes, including patches for two security vulnerabilities.
read more
Member of FIN7 Hacking Group Sentenced to US Prison
A Ukrainian national arrested for his role in a hacking group that compromised millions of financial accounts was sentenced to a decade in prison, US prosecutors said Friday.
read more
Cybersecurity M&A Roundup for April 12-18, 2021
Several cybersecurity-related acquisitions and mergers were announced in the week of April 12-18, 2021.
read more
FCC to Focus Efforts on 5G, Software and Cloud Service Vulnerabilities
Former Chairman of the Federal Communications Commission (FCC), Ajit Pai, resigned on the day of President Biden’s inauguration. He was replaced by Acting Chairwoman Jessica Rosenworcel, who last month delivered her first major action by fining Texas based telemarketers...
Europol Report Highlights Pandemic's Effect on Cybercrime
Europol’s Serious Organized Crime Threat Assessment report 2021 summarizes the criminal threat of the last four years and provides insights into what to expect over the next four years. While focused on Europe, it will not be substantively different...
PlexTrac Raises $10 Million for Its Purple Teaming Platform
PlexTrac, a company that provides information security management solutions for security teams, last week announced closing a $10 million Series A funding round led by Noro-Moseley Partners and Madrona Venture Group, with participation from StageDotO Ventures.
read more
Vulnerabilities in OpENer Stack Expose Industrial Devices to Attacks
Multiple vulnerabilities in the OpENer stack could be exploited in attacks aimed at supervisory control and data acquisition (SCADA) and other industrial systems that use OpENer.
read more
Vulnerabilities in OpENer Stack Expose Industrial Devices to Attacks
Multiple vulnerabilities in the OpENer stack could be exploited in attacks aimed at supervisory control and data acquisition (SCADA) and other industrial systems that use OpENer.
read more
WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations
If the Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there...
Japan accuses Chinese military of cyber-attacks on its space agency
200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
Japan accuses Chinese military of cyber-attacks on its space agency
200 other companies also targeted, but no data lost Japan has accused a member of the Chinese Communist Party of conducting cyber-attacks on its space agency and 200 other local entities.…
Tool links email addresses to Facebook accounts at scale
Enlarge (credit: Getty Images)
Still smarting from last month’s dump of phone numbers belonging to 500 million Facebook users, the social media giant has a new privacy crisis to contend with: a tool that, on a mass scale,...
With details sparse, vendors scramble to make sense of Biden 100-day grid security plan
The Biden administration launched what it called a “bold” 100-day sprint to improve the cybersecurity of electric utilities on Tuesday. The plan was not released in full to the public, or to many vendors who might be instrumental in...
