First, workplaces went fully remote to keep business operations running during the COVID-19 pandemic. Now, as the pandemic is easing into endemic, organizations are asking their employees to return to their offices. Many workers are choosing a hybrid …
Tag: Network Security
Global Security News, Vulnerabilities
Oak9 Lands $8 Million in New Venture Investment
by SecurityWeek News •
Chicago-based Infrastructure-as-Code (IaC) startup oak9 has attracted new interest from venture capitalists with Cisco Investments and Morgan Stanley’s Next Level Fund joining a new $8 million funding round.
read more
Global Security News, Vulnerabilities
North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist
by Ryan Naraine •
The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data and research from blockchain analytics firm Elliptic.
read more
Europe, Global Security News, North America
Palo Alto Networks Expands Web App and API Security Options
by Michael Vizard •
Palo Alto Networks has added an out-of-band option for securing web applications and application programming interfaces (APIs) to its Prisma Cloud service. In addition, Palo Alto Networks has added an agentless capability for extending Prisma Cloud to…
Europe, Global Security News, North America
10 Major Database Security Threats and How to Prevent Them
by Guest Author •
Data is a crucial asset of your company. Companies gather a lot of data daily from their customers and daily operations. The data stored in databases are then utilized to handle and automate different functions within and outside companies. Because of …
Europe, Global Security News, North America
DE:CODED – Firewall speeds and VPN risks
by SE Labs Team •
“If they are not getting any money from you, then where are they getting the money from?” Show notes for series 2, episode 2 Is your firewall as fast as you think? What does XDR mean and how does it work? Do you need a personal VPN? We talk to Brian Mo…
Global Security News, Vulnerabilities
Normalyze Announces $22 Million for DSPM Technology
by Ryan Naraine •
Bay Area startup Normalyze on Monday announced a $22 million in Series A funding as venture capital investors rush to place bets on the newly coined Data Security Posture Management (DSPM) space.
read more
Europe, Global Security News, North America, Vulnerabilities
Russian Hackers Declare War on Lithuania — Killnet DDoS Panic
by Richi Jennings •
NATO member Lithuania is under attack from Russian hacking group Killnet. It raises serious concerns over Russia’s use of cyber warfare against NATO states.
The post Russian Hackers Declare War on Lithuania — Killnet DDoS Panic appeared first on Secur…
Global Security News, Vulnerabilities
Cyolo Banks $60M Series B for ZTNA Technology
by Ryan Naraine •
Cyolo, an Israeli startup building technology for zero trust networking, on Monday announced a new $60 million investment led by the venture investing arm of National Grid.
In addition to National Grid Partners, Cyolo said it scored investments from Gl…
Europe, Global Security News, North America, Vulnerabilities
Protecting Organizations From 5G Threats
by Sunil Ravi •
The industry is buzzing about 5G technology and its potential. For example, almost every new smartphone is advertised as “5G compatible,” with the majority of mobile subscriptions switching to 5G over the next five years. With its promise of improved …
Europe, Global Security News, North America
Using AI and ML to Fight Zero-Day Attacks
by Sue Poremba •
If it felt like you were asked to download a lot of patches in May and June, it’s because there were a lot of patches in May and June. An increase in zero-day vulnerabilities and exploits led to an increase in attacks. In fact, Mandiant reported that …
Europe, Global Security News, North America
ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo
by Richi Jennings •
We could soon have a federal GDPR. But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week.
The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo appeared first on Security Boul…
Europe, Global Security News, North America, Vulnerabilities
NSA Wants To Help you Lock Down MS Windows in PowerShell
by Richi Jennings •
A new cheatsheet from four infosec agencies tells us how to use PowerShell for good, rather than let scrotes misuse it to “live off the land.”
The post NSA Wants To Help you Lock Down MS Windows in PowerShell appeared first on Security Boulevard.
Global Security News, Vulnerabilities
CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day
by Ryan Naraine •
Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter.
read more
Global Security News
US, UK, New Zealand Issue PowerShell Security Guidance
by Ionut Arghire •
The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Cyber Security Centres in New Zealand (NZ NCSC) and the United Kingdom (NCSC-UK) have issued joint guidance on the proper configuration…
Global Security News
Security Orchestration: Beware of the Hidden Financial Costs
by Marc Solomon •
Among the many improvements in cybersecurity technology and tools we’ve seen over the last few years, one of the most significant has been the inclusion of security automation and orchestration capabilities in solution categories beyond SOAR platforms….
Global Security News, Vulnerabilities
Top Cryptographers Flag ‘Devastating’ Flaws in MEGA Cloud Storage
by Ryan Naraine •
Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that the issues could lead to “devastating attacks on the confidentiality and integrity of use…
Security Bloggers, Security Vendor News
Alexa Retired Its Domain Rankings. Go One Better with InfoRanks
by Renée Burton •
Amazon discontinued production of its popular Internet domain ranking list, Alexa, on May 1st, 2022 and many users of the service are scrambling to find a replacement.1 Widely used for purposes ranging from search engine optimization to security applications, the website alexa[.]com began providing publicly available, free rankings of domains over twenty five years ago. […]
The post Alexa Retired Its Domain Rankings. Go One Better with InfoRanks appeared first on Infoblox Blog.
Global Security News, Vulnerabilities
Aqua Security Ships Open-Source Tool for Auditing Software Supply Chain
by Ryan Naraine •
Cloud security startup Aqua Security has partnered with the Center for Internet Security (CIS) to create guidelines for software supply chain security and followed up by shipping an open-source auditing tool to ensure compliance with the new benchmark….
Europe, Global Security News, North America
Machine Learning Tackles Ransomware Attacks
by Sue Poremba •
There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take some time to prepa…
Uncategorized
How to stop malicious privileged user attacks
by Franklin Okeke •
Business organizations that have suffered from malicious attacks are beginning to realize that some of the attacks are precipitated by privileged users. As a result, privileged users should be a corporate security concern if you want to keep cyber-rela…
Europe, Global Security News, North America, Vulnerabilities
Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’
by Richi Jennings •
Capital One hacker Paige A. Thompson has been found guilty. But it has to be said that Capital One’s security design was absolutely awful.
The post Hacker Paige Thompson Could Face 45 Years in Prison — ‘Suicide by Law Enforcement’ appeared first on S…
Global Security News, Vulnerabilities
RevealSecurity Raises $23M for Application Detection and Response
by Ryan Naraine •
RevealSecurity, an Israeli data security startup building technology to thwart malicious insider threats, on Tuesday announced the closing of a $23 million funding round led by SYN Ventures.
In addition to SYN Ventures, Hanaco Ventures, SilverTech Vent…
Europe, Global Security News, North America
5 Tips to Thwart Business Email Compromise (BEC) Attacks
by Oliver Noble •
There’s been an astounding 84% increase in business email compromise (BEC) attacks, according to the latest NordLocker Email Threat Report, which compared half-yearly statistics. The news should be particularly alarming to organizations that use email…
Europe, Global Security News, North America
Digital Value Chain Attacks on the Rise
by Nathan Eddy •
Cybercriminals are moving to exploit vulnerabilities in the digital value chain as organizations fight to secure a rapidly expanding threat surface. These were among the findings of a report from Micro Focus subsidiary CyberRes. The study revealed No…
Europe, Global Security News, North America, Vulnerabilities
HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook
by Richi Jennings •
A study shows many U.S. hospitals are leaking personal information to Facebook. Experts say it’s a HIPAA violation.
The post HIPAA FAIL: ~33% of Hospital Websites Send PII to Facebook appeared first on Security Boulevard.
Global Security News
Hybrid Networks Require an Integrated On-prem and Cloud Security Strategy
by John Maddison •
Today’s dynamic networks change so fast that traditional point security solutions fail to keep up
read more
Europe, Global Security News, North America
We Need Zero-Trust for Private Cellular Networks
by Liron Ben-Horin •
For years, there were IP networks and public cellular networks. Each had its own functions, goals and purpose, and never did the ‘twain meet. But with the growth of private LTE and 5G networks, cellular technology now serves the same purposes that IP …
Europe, Global Security News, North America, Vulnerabilities
This Week in Malware: killing Windows Defender with an npm package
by Ax Sharma •
This Week in Malware, highlights include malicious npm package ‘flame-vali’ that claims to let developers “bypass any request proxys.” But that’s not quite the case. And, some more dependency confusion packages caught by us.
The post This Week in…
Global Security News, Vulnerabilities
‘MaliBot’ Android Malware Steals Financial, Personal Information
by Ionut Arghire •
Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices.
read more
Global Security News, Vulnerabilities
Volexity Blames ‘DriftingCloud’ APT For Sophos Firewall Zero-Day
by Ryan Naraine •
Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks.
read more
Europe, Global Security News, North America
Firewalls and the Plateau of Productivity
by Jaye Tillson •
Firewalls: Something every architect is familiar with. Something that still raises many of our heart rates. At some point in your IT career, it’s likely you’ve had to deploy and configure a firewall and most likely it was a painful experience no…
Europe, Global Security News, North America
4 Cloud Application Security Best Practices
by Gilad David Maayan •
In today’s digital-first landscape, more and more organizations move their workloads to the cloud. However, many do not realize that cloud environments come with a certain set of unique security threats. In this article, you will learn about top clou…
Europe, Global Security News, North America
Koverse Unveils Zero-Trust Platform for Managing Data
by Michael Vizard •
Koverse, Inc., a unit of SAIC, has updated its software-as-a-service (SaaS) platform this week to provide customers with a zero-trust approach to managing data. Version 4.0 of the Koverse Data Platform (KDP) adds a set of granular controls that limit …
Global Security News, Vulnerabilities
GreyNoise Attracts Major Investor Interest
by Ryan Naraine •
GreyNoise Intelligence, a startup competing in the crowded threat-intelligence space, has deposited $15 million in a new round of venture capital funding led by Radian Capital.
read more
Global Security News, Vulnerabilities
GreyNoise Attracts Major Investor Interest
by Ryan Naraine •
GreyNoise Intelligence, a startup competing in the crowded threat-intelligence space, has deposited $15 million in a new round of venture capital funding led by Radian Capital.
read more
Europe, Global Security News, North America
BlackBerry Set to Unfurl Zero-Trust Network Access Service
by Michael Vizard •
BlackBerry Ltd. next month will make available a zero-trust network access-as-service offering based on a gateway it hosts on its cloud platform. Alex Willis, vice president of global sales engineering and independent software vendors (ISVs), said the…
Global Security News, Vulnerabilities
Jit Banks Massive $38.5 Seed Round Funding
by Ryan Naraine •
Jit, an Israeli startup promising technology to help developers simplify security when deploying cloud apps, has banked an eye-opening $38.5 million in seed-stage funding.
The funding round was Boldstart Ventures. Venture capital outfit Insight Partner…
Europe, Global Security News, North America
Identity and Access: The Game is the Same, But Fiercer
by Gunnar Peterson •
Earlier this year, cybercriminals infiltrated authentication provider Okta’s systems. Okta is used by thousands of organizations around the world to manage access to their networks and applications. The threat actor gang, known as Lapsus$, gained acce…
Europe, Global Security News, North America
Identity and Access: The Game is the Same, But Fiercer
by Gunnar Peterson •
Earlier this year, cybercriminals infiltrated authentication provider Okta’s systems. Okta is used by thousands of organizations around the world to manage access to their networks and applications. The threat actor gang, known as Lapsus$, gained acce…