150 People Arrested in US-Europe Darknet Drug Probe
Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.
read more
Adobe Patches Gaping Security Flaws in 14 Software Products
Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks.
The security defects affect a wide range of popular products, including Adobe...
Illumio Brings Visibility, Zero Trust Principles to Hybrid Cloud
A new product seeks to solve the two primary security issues that come with moving to the cloud: the danger of accidental misconfigurations and the loss of visibility.
read more
Iran Blames Cyberattack as Fuel Supply Hit
Iranian authorities on Tuesday blamed a mysterious cyber attack for unprecedented disruption to the country's fuel distribution network.
read more
Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API
The open-source Mozilla Foundation says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web requests.
The API allows add-ons to control the manner in which the browser connects to the...
Researcher Explains Wi-Fi Password Cracking at Scale
A security researcher at CyberArk was able to easily break more than 70 percent of Wi-Fi passwords he sniffed using relatively simple, cheap equipment.
read more
Targets and Prizes Announced for 2022 ICS-Themed Pwn2Own
The Zero Day Initiative (ZDI) on Monday announced the targets and prizes for the next Pwn2Own Miami hacking contest, which focuses on industrial control system (ICS) products and associated protocols.
read more
Cloud Security Company Sonrai Raises $50 Million
Public cloud security provider Sonrai Security today announced that it has raised $50 million in Series C funding, which brings the total raised by the company to $88.5 million.
The new funding round was led by ISTARI, but existing investors...
Enterprise Data Privacy Startup Piiano Emerges From Stealth Mode
Tel Aviv, Israel-based Piiano emerged from stealth mode on Tuesday with $9 million in seed funding and a data engineering solution designed to help enterprises centralize and secure personal and other sensitive information.
read more
BillQuick Billing Software Exploited to Hack U.S. Engineering Company
Hackers abused the BillQuick Web Suite billing software to compromise the network of an engineering company in the United States and deploy ransomware, threat detection firm Huntress reports.
read more
UK Spy Chiefs Seal Cloud Data Deal With Amazon: FT
UK intelligence agencies have entrusted classified data to Amazon's cloud computing arm AWS in a deal designed to vastly speed up their espionage capabilities, the Financial Times reported on Tuesday.
read more
Logging and Security Analytics Firm Devo Raises $250 Million at $1.5 Billion Valuation
Cambridge, MA-based cloud-native logging, SIEM and security analytics company Devo Technology on Tuesday announced that it has achieved unicorn status after raising $250 million.
read more
US State Department Sets Up Cyber Bureau, Envoy Amid Hacking Alarm
US Secretary of State Antony Blinken announced Monday that the State Department will establish a new bureau and envoy to handle cyber policy, revamping amid alarm over rising hacking attacks.
In a memo to staff, Blinken said that a review...
Kansas Man Admits Hacking Public Water Facility
Roughly seven months after being indicted for his actions, a Kansas man admitted in court to tampering with the systems at the Post Rock Rural Water District.
read more
CISA Raises Alarm on Critical Vulnerability in Discourse Forum Software
The United States Cybersecurity and Infrastructure Security Agency (CISA) over the weekend issued an alert on a critical vulnerability in open source discussion platform Discourse.
read more
Russia-Linked SolarWinds Hackers Continue Launching Supply Chain Attacks
The Russia-linked cyberespionage group that hacked IT management solutions provider SolarWinds continues to launch supply chain attacks, Microsoft warned on Monday.
read more
Changing Approaches to Preventing Ransomware Attacks
Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries
read more
Cybersecurity M&A Roundup for October 11-24, 2021
A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021.
read more
Researcher Earns $2 Million for Critical Vulnerability in Polygon
Security researcher Gerhard Wagner earned a $2 million bug bounty reward for a critical vulnerability in Polygon’s Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times, with different exit IDs.
read more
Facebook Sues Ukrainian for Scraping, Selling Data of 178 Million Users
Facebook last week filed a lawsuit against a Ukrainian national who allegedly scraped the information of 178 million of its users and then sold the obtained information on hacker forums.
read more
China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks
FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
150 People Arrested in US-Europe Darknet Drug Probe
Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.
read more
Free Tool Helps Security Teams Measure Their API Attack Surface
Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
North Korea's Lazarus Group Turns to Supply Chain Attacks
State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.
