SecurityWeek
Greylock Makes $10M Bet on Bedrock Security
Silicon Valley startup deposits $10 million in seed-stage funding to help organizations manage risk from cloud and gen-AI technologies.
The post Greylock Makes $10M Bet on Bedrock Security appeared first on SecurityWeek.
Apple Patches Code Execution Vulnerability in iOS, macOS
Apple has released iOS 17.4.1 and macOS Sonoma 14.4.1 with patches for an arbitrary code execution vulnerability.
The post Apple Patches Code Execution Vulnerability in iOS, macOS appeared first on SecurityWeek.
US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities
CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software.
The post US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities appeared first on SecurityWeek.
Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks
CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild.
The post Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks appeared first on SecurityWeek.
UK, New Zealand Accuse China of Cyberattacks on Government Entities
Australia and New Zealand support the UK in condemning Chinese hackers for targeting UK institutions and parliamentarians.
The post UK, New Zealand Accuse China of Cyberattacks on Government Entities appeared first on SecurityWeek.
US Treasury Slaps Sanctions on China-Linked APT31 Hackers
The US Treasury Department sanctions a pair of Chinese hackers linked to “malicious cyber operations targeting US critical infrastructure sectors.”
The post US Treasury Slaps Sanctions on China-Linked APT31 Hackers appeared first on SecurityWeek.
Leen Banks Early Stage Funding for Data Security Technology
Leen Security, a new startup building technology to help reduce chaos in the data security space, has banked a $2.8 million pre-seed funding.
The post Leen Banks Early Stage Funding for Data Security Technology appeared first on SecurityWeek.
The OODA Loop: The Military Model That Speeds Up Cybersecurity Response
The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting.
The post The OODA Loop: The Military Model That Speeds Up Cybersecurity Response appeared first on SecurityWeek.
Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks
More than 100 organizations in the US and EU have been targeted in recent StrelaStealer infostealer campaigns.
The post Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks appeared first on SecurityWeek.
Top Python Developers Hacked in Sophisticated Supply Chain Attack
Multiple Python developers get infected after downloading malware-packed clone of the popular tool Colorama.
The post Top Python Developers Hacked in Sophisticated Supply Chain Attack appeared first on SecurityWeek.
Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own
Firefox browser updates address two zero-day vulnerabilities exploited at the Pwn2Own hacking contest.
The post Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own appeared first on SecurityWeek.
White House Nominates First Assistant Secretary of Defense for Cyber Policy
Michael Sulmeyer has been nominated by the White House as the first assistant secretary of defense for cyber policy at the Pentagon.
The post White House Nominates First Assistant Secretary of Defense for Cyber Policy appeared first on SecurityWeek.
Finite State Raises $20 Million to Grow Software Supply Chain Security Business
Software risk management firm Finite State has raised a $20 million growth round led by Energy Impact Partners (EIP).
The post Finite State Raises $20 Million to Grow Software Supply Chain Security Business appeared first on SecurityWeek.
German Authorities Shut Down Online Marketplace for Drugs, Data and Cybercrime Services
German authorities took down the Nemesis Market, a major online marketplace for drugs, cybercrime services and stolen credit card data.
The post German Authorities Shut Down Online Marketplace for Drugs, Data and Cybercrime Services appeared first on SecurityWeek.
Russian APT29 Hackers Caught Targeting German Political Parties
Russia’s APT29 hacking group is expanding targets to political parties in Germany using a new backdoor variant tracked as Wineloader.
The post Russian APT29 Hackers Caught Targeting German Political Parties appeared first on SecurityWeek.
UN Adopts Resolution Backing Efforts to Ensure Artificial Intelligence is Safe
The resolution, sponsored by the United States and co-sponsored by 123 countries, including China, was adopted by consensus with a bang of the gavel and without a vote, meaning it has the support of all 193 U.N. member nations.
The post UN Adopts Resolution Backing Efforts to Ensure Artificial Intelligence is Safe appeared first on SecurityWeek.
Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax
The Rhysida ransomware group has taken credit for the cyberattack on MarineMax and is offering to sell stolen data for 15 bitcoin.
The post Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax appeared first on SecurityWeek.
‘Brain Weasels’: Impostor Syndrome in Cybersecurity
There are several attributes that tie the cybersecurity community together–namely our collective passion for solving complex problems in order to reduce harm – but one has stood out prominently over the years: impostor syndrome.
The post ‘Brain Weasels’: Impostor Syndrome in Cybersecurity appeared first on SecurityWeek.
In Other News: Google’s PQC Threat Model, Keyboard Sounds Expose Data, AI Roadmap
Noteworthy stories that might have slipped under the radar: Google’s post-quantum cryptography threat model, keyboard typing sounds can expose data, DHS publishes AI roadmap.
The post In Other News: Google’s PQC Threat Model, Keyboard Sounds Expose Data, AI Roadmap appeared first on SecurityWeek.
39,000 Websites Infected in ‘Sign1’ Malware Campaign
Over 39,000 websites have been infected with the Sign1 malware that redirects visitors to scam domains.
The post 39,000 Websites Infected in ‘Sign1’ Malware Campaign appeared first on SecurityWeek.