Security Week

New York startup Oasis Security banks $35 million in a Series A extension round led by Accel, Cyberstarts, and Sequoia Capital.

The post Oasis Security Raises $35 Million to Tackle Non-Human Identity Management appeared first on SecurityWeek.

Traceable AI has raised $110 million since launching in 2018 with ambitious plans in the competitive API security and observability space.  

The post Traceable AI Raises $30 Million to Safeguard Cloud APIs appeared first on SecurityWeek.

Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.

The post Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push appeared first on SecurityWeek.

Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.

The post Adobe Adds Content Credentials and Firefly to Bug Bounty Program appeared first on SecurityWeek.

Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.

The post Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data  appeared first on SecurityWeek.

Venafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google’s proposed 90-day limit for the lifecycle of a digital certificate.

The post Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle appeared first on SecurityWeek.

AI-Native Trust, Risk, and Security Management (TRiSM) startup DeepKeep raises $10 million in seed funding.

The post DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding appeared first on SecurityWeek.

SecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.

The post CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen appeared first on SecurityWeek.

The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.

The post Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server appeared first on SecurityWeek.

UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024.

The post UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike appeared first on SecurityWeek.

In February 2023, French police arrested well-known Finnish hacker Aleksanteri Kivimäki, who was living under a false identity near Paris. He was deported to Finland. His trial ended last month.

The post Finnish Hacker Gets Prison for Accessing Thousands of Psychotherapy Records and Demanding Ransoms appeared first on SecurityWeek.

JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.

The post Docker Hub Users Targeted With Imageless, Malicious Repositories appeared first on SecurityWeek.

Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.

The post Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover appeared first on SecurityWeek.

Mainsail Partners leads a $15 million financing round for end-to-end cybersecurity compliance platform company Apptega.

The post Apptega Raises $15 Million for Cybersecurity Compliance Platform appeared first on SecurityWeek.

Despite competitive pressures from industry behemoths like Microsoft and Google, investors are still betting big on startups in the specialized enterprise browser space.

The post Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants appeared first on SecurityWeek.

While China-linked Muddling Meerkat’s operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.

The post Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report appeared first on SecurityWeek.

The Federal Communications Commission leveraged nearly $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customers’ location data.

The post FCC Fines Wireless Carriers for Sharing User Locations Without Consent appeared first on SecurityWeek.

SafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.

The post SafeBase Scores $33M Series B Investment appeared first on SecurityWeek.

A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.

The post Vulnerability in R Programming Language Could Fuel Supply Chain Attacks appeared first on SecurityWeek.

Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls.

The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek.