Vulnerabilities identified in the STEM Audio Table conference room speakerphone could be exploited by hackers for various purposes, including to eavesdrop on conversations, according to cybersecurity research firm GRIMM.
read more
Identity management provider Elisity on Tuesday announced that it secured $26 million in Series A funding, bringing the total raised by the company to $33.5 million.
The new funding round was co-led by Two Bear Capital and AllegisCyber Capital, with pa…
Japanese multinational corporation Fujifilm on Monday reported that it has restored operations following a recent ransomware attack.
Founded in 1934 and headquartered in Tokyo, the company operates in a broad range of areas, including photography, offi…
Google this week announced the introduction of client-side encryption in Google Workspace, which is meant to provide users with control over the encryption keys used to keep their data safe.
read more
The cyberattack on SITA that impacted multiple airlines around the world was orchestrated by a Chinese nation-state threat actor tracked as APT41, security researchers at detection and prevention firm Group-IB say.
read more
Microsoft today announced it disrupted a large-scale business email compromise (BEC) campaign in which the attackers used forwarding rules to access messages related to financial transactions.
read more
Cyber skills development platform provider Immersive Labs today announced that it raised $75 million in Series C funding. The round brings the total raised by the company to $123 million.
read more
Volkswagen Group of America this week revealed that approximately 3.3 million people might have been affected in a data breach that impacted both Audi of America and Volkswagen of America (together VWGoA).
read more
The U.S. Department of Justice this week announced charges against Vikas Singla, the chief operating officer of a metro-Atlanta cybersecurity company, for allegedly targeting the Gwinnett Medical Center in a disruptive cyberattack.
read more
Southeast Asian e-commerce platform Lazada on Thursday announced the launch of a public bug bounty program with YesWeHack.
read more
Law enforcement agencies in the United States, Germany, the Netherlands, and Romania have taken down the stolen login credentials marketplace Slilpp, the U.S. Department of Justice announced on Thursday.
read more
Malicious hackers are exploiting an old VPN security flaw to compromise SonicWall SRC (secure remote access) devices, according to a warning from security vendor CrowdStrike.
read more
GitHub this week announced that it has started scanning code hosted on its platform for package registry credentials, including RubyGems and PyPI secrets.
read more
Google this week released patches for 14 vulnerabilities in the Chrome browser, including a security flaw that has been exploited in the wild.
Ten of the issues were reported by external security researchers: one rated critical severity, seven high sev…
A newly observed malicious campaign is targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for crypto-currency, according to a warning from security researchers at Microsoft.
read more
Security researchers have discovered a way to leverage Apple’s Find My’s Offline Finding network to upload data from devices, even those that do not have a Wi-Fi or mobile network connection.
read more
Citrix this week announced that it has patched a local privilege escalation vulnerability in the Citrix Workspace app for Windows.
read more
Organizations in the aerospace and travel sectors have been targeted in the past months in a campaign aimed at infecting victims with remote access Trojans (RAT) and other types of malware, Microsoft warns.
read more
Asset and security control management provider Panaseer on Wednesday announced a new $26.5 million round of funding, bringing the total investment in the company up to $43 million.
read more
In 2020, Apple removed or rejected hundreds of thousands of applications from the App Store for engaging in various forms of fraudulent behavior, including spam, mischief, and privacy violations.
read more
Following the ransomware attack that impacted the pipeline operated by Georgia-based Colonial Pipeline, security firms are providing detailed information on the cybercriminal gang behind the attack.
read more