Secure enterprise microservices development startup Codezero this week announced that it has raised $3.5 million in a seed funding round led by Ballistic Ventures, with additional funding from angel investors.
The Vancouver, Canada-based company aims to streamline Kubernetes software development workflows by providing an identity-aware overlay network for managing access and control over staging and production systems.…
Thousands of WordPress websites are potentially at risk of takeover due to a critical-severity vulnerability in two MiniOrange plugins that were discontinued recently, the Wordfence team at WordPress security company Defiant warns.
The two plugins, Malware Scanner and Web Application Firewall from MiniOrange, were closed on March 7, two days after the critical flaw was reported to the maintainers.…
The Federal Trade Commission has announced a $26 million settlement with two tech support firms that duped consumers into paying for unnecessary antivirus and computer repair services.
According to an FTC complaint (PDF), the Cyprus-based Restoro and Reimage, which previously operated out of Isle of Man, used fake Microsoft Windows pop-ups to scare consumers into believing that their computers were infected with viruses.…
A recent data breach at France’s government unemployment agency could impact as many as 43 million people, authorities announced this week.
The affected agency, France Travail, formerly known as Pole Emploi, was targeted in a cyberattack that resulted in the theft of personal information between February 6 and March 5, 2024, according to the country’s Cybermalveillance cybercrime prevention initiative.…
Cloud account attacks, increasing Mac malware, malvertising morphing from the distribution of adware to more dangerous malware, and more, are all discussed by Red Canary in its 2024 Threat Detection Report.
Released this week, the Report (PDF) is based on the analysis of almost 60,000 threats drawn from 216 petabytes of telemetry from more than 1,000 customers’ endpoints, identities, clouds, and SaaS applications throughout 2023.…
Google today announced that the standard Safe Browsing protections in the Chrome browser can now identify bad sites in real time.
The real-time protection was previously available if the Enhanced protection mode was enabled in Safe Browsing, while the standard settings checked the visited sites against a list stored on the device that was refreshed every 30 to 60 minutes.…
Web traffic management firm BotGuard OU on Wednesday announced raising €12 million (~$13.1 million) in a Series A funding round that brings the total investment to approximately $13.7 million.
The new funding round was led by MMC Ventures, with additional investment from Tera Ventures, Expeditions Fund, and angel investors.…
Microsoft announced on Wednesday that its Copilot for Security solution will become generally available worldwide on April 1, 2024.
Microsoft Copilot for Security, which has been available to some users as part of an invite-only early access program, is a generative AI-powered solution designed to help defenders by enhancing their efficiency and capabilities. …
Cisco on Wednesday announced patches for multiple vulnerabilities in IOS RX software, including three high-severity flaws leading to denial-of-service (DoS) and elevation of privilege.
The most severe of the high-severity bugs is CVE-2024-20320, an issue in the SSH feature of IOS RX that could allow attackers to elevate privileges to root by sending crafted SSH commands to the CLI.…
Since OpenAI’s release of ChatGPT in November 2022, the number of products using Generative AI has skyrocketed. Right now there are some 12,000 AI tools available promising to help with over 16,000 job tasks and we’re seeing this number grow at around 1,000 every month.
The growth of these tools is fast outpacing the capability of employers to control them.…
TikTok once again finds itself in a precarious position as lawmakers in Washington move forward with a bill that could lead to a nationwide ban on the platform.
The House on Wednesday passed legislation that would ban TikTok if its China-based owner ByteDance doesn’t sell its stakes in the popular social media platform within six months of the bill’s enactment.…
The exploitation of a high-severity Kubernetes vulnerability can lead to arbitrary code execution with System privileges on all Windows endpoints in a cluster, Akamai warns.
The issue, tracked as CVE-2023-5528 and impacting default Kubernetes installations, exists in the way the open source container orchestration system processes YAML files, which it uses for virtually every function.…
The US Department of Health and Human Services’ Office for Civil Rights (OCR) is launching an investigation to determine whether protected health information was compromised in the recent Change Healthcare data breach.
The incident occurred on February 21, when Change Healthcare’s claims and payment infrastructure was disrupted as result of a ransomware attack, impacting the ability of over 7,000 pharmacies and hospitals to process prescriptions.…
European Union lawmakers gave final approval to the 27-nation bloc’s artificial intelligence law Wednesday, putting the world-leading rules on track to take effect later this year.
Lawmakers in the European Parliament voted overwhelmingly in favor of the Artificial Intelligence Act, five years after regulations were first proposed.…
Chipmakers Intel and AMD have published 10 new security advisories this Patch Tuesday to inform customers about vulnerabilities impacting their products.
Intel published eight new advisories, including two that describe high-severity vulnerabilities. One of the high-severity issues is a local privilege escalation impacting BIOS firmware for some Intel processors. …
Healthcare has long been a primary target for ransomware attacks. This is not changing and is not likely to change. Claroty/Team82’s State of CPS Security – Healthcare 2023 discusses the reasons.
Healthcare comprises a critical industry combining a large-scale use of converged IT and OT with a huge quantity of disparate OT devices dependent on IT control delivered over WiFi – and a very low tolerance for disruption.…
The White House has published its $7.3 trillion budget proposal for fiscal year 2025 and the administration again wants to increase cybersecurity spending.
Several sections of President Biden’s budget plan for 2025 mention cybersecurity spending. This includes $13 billion in cybersecurity funding across civilian departments and agencies. …
API security firm Salt Security has conducted an analysis of ChatGPT plugins and found several types of vulnerabilities that could have been exploited to obtain potentially sensitive data and take over accounts on third-party websites.
ChatGPT plugins enable users to access up-to-date information (rather than the relatively old data the chatbot was trained on), as well as to integrate ChatGPT with third-party services.…
Stanford University has started notifying 27,000 individuals that their personal information was stolen in a ransomware attack on its Department of Public Safety (DPS).
The incident was discovered on September 27, 2023, but the attackers had access to the Stanford DPS network beginning May 12. The hackers were evicted from the environment and the network was secured shortly after the attack was discovered, the university says.…
A team of researchers from IBM and the VU Amsterdam university in the Netherlands on Tuesday disclosed the details of a new type of data leakage attack impacting all major CPU makers, as well as some widely used software.
The new attack, dubbed GhostRace, is related to what the researchers describe as speculative race conditions (SRCs). …
Fortinet on Tuesday announced patches for multiple vulnerabilities in its network security and management products, including critical-severity flaws leading to code execution.
The first critical bug is CVE-2023-42789, an out-of-bounds write issue in FortiOS and FortiProxy that could allow attackers to execute code or commands via crafted HTTP requests.…
The United States is spearheading the first United Nations resolution on artificial intelligence, aimed at ensuring the new technology is “safe, secure and trustworthy” and that all countries, especially those in the developing world, have equal access.
The draft General Assembly resolution aims to close the digital divide between countries and make sure they are all at the table in discussions on AI — and that they have the technology and capabilities to take advantage of its benefits, including detecting diseases, predicting floods and training the next generation of workers.…
Enterprise software maker SAP on Tuesday released 10 new and two updated security notes as part of its March 2024 Security Patch Day, calling attention to serious bugs in business-facing products.
Three of the notes are marked ‘hot news’ — the highest severity rating in SAP’s playbook — and resolve critical vulnerabilities in the Chromium browser in Business Client, Build Apps, and NetWeaver AS Java.…
Siemens and Schneider Electric have published their March 2024 Patch Tuesday security advisories, which cover more than 200 vulnerabilities affecting their products.
Siemens
Siemens has published 11 new advisories describing a total of 214 vulnerabilities. A majority of these, 157 flaws, are covered in a single advisory describing flaws in the Simatic RF160B mobile reader.…
The US Government Accountability Office (GAO) has conducted a study focusing on the operational technology (OT) cybersecurity products and services offered by CISA and found that some of the security agency’s teams are understaffed.
OT environments continue to be targeted by sophisticated threat actors and CISA has been designated as the lead agency in helping critical infrastructure organizations address risks associated with industrial control systems (ICS) and other OT systems. …
Vulnerabilities affecting Linear building access control products, including a security flaw that has been exploited in the wild, have been patched nearly five years after their initial disclosure.
In May 2019, at SecurityWeek’s ICS Cyber Security Conference, Gjoko Krstic, a researcher who at the time worked for industrial cybersecurity firm Applied Risk, disclosed information on more than 100 vulnerabilities found in building management and access control systems from Nortek, Prima Systems, Optergy, and Computrols.…
The Justice Department is stepping up its focus on artificial intelligence, with officials warning Thursday that companies and people who deliberately misuse the technology to advance a white-collar crime like price fixing, fraud or market manipulation will be at risk for a harsher sentence.
Deputy Attorney General Lisa Monaco said the Justice Department will take into account how well a company is managing the risks of AI technology each time it assesses a corporate compliance program.…
A TeamCity vulnerability disclosed recently in controversial circumstances is being exploited in ransomware attacks, according to the product’s developer and cybersecurity companies.
On March 4, JetBrains, the developer of the TeamCity build management and continuous integration server, announced fixes for CVE-2024-27198 and CVE-2024-27199, two serious authentication bypass vulnerabilities. …
A financially motivated threat actor has been targeting one-day vulnerabilities in public-facing services to deploy Linux backdoors, Check Point reports.
Tracked as Magnet Goblin, the adversary was seen quickly adopting one-day vulnerabilities, often in edge devices, and relying on the Nerbian custom malware family to perform nefarious activities.…
Microsoft says the Russian government-backed hacking team that broke into its corporate network and spied on senior executives also stole source code and may still be poking around its internal computer systems.
In what is being described as an “ongoing attack,” the world’s largest software maker says it has evidence the hacking group “is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”…
The US cybersecurity agency CISA has laid out key actions for securing open source software (OSS) following a two-day OSS security summit where it has convened with community leaders.
Steps that CISA will take in partnership with the community include promoting the Principles for Package Repository Security, a framework outlining security maturity levels for package repositories and a new effort to enable collaboration and information sharing with open source software infrastructure operators.…
Reach Security, a California startup promising technology to help businesses manage the maze of security tools and products, has raised $20 million in early stage venture capital funding.
The company said the Series A financing was provided by new investors Ballistic Ventures and Artisanal Ventures. Existing backers Webb Investment Network, Ridge Ventures, and TechOperators also expanded equity stakes.…
Software startup Defense Unicorns on Thursday announced that it has raised $35 million in a Series A funding round led by Sapphire Ventures and Ansa Capital, which brings the total raised by the company to $35.5 million.
Founded in 2021, the Colorado Springs-based firm provides open source software and AI capabilities that support continuous delivery in national security systems, and which can be deployed in any environment, including air-gapped systems.…
Change Healthcare parent company UnitedHealth Group says it has restored pharmacy services disrupted by a BlackCat ransomware attack more than two weeks ago.
In an incident update on Thursday, the company revealed that it continues to work aggressively on restoring its systems and services and that key functionality is coming back online.…
A Chinese advanced persistent threat (ATP) actor tracked as Evasive Panda has been observed targeting Tibetans in watering hole and supply chain attacks, cybersecurity firm ESET reports.
Also referred to as Bronze Highland and Daggerfly, Evasive Panda has been active since at least 2012, historically targeting government entities in China, India, and various Asian countries to conduct cyberespionage operations.…
Multiple vulnerabilities in Sceiner firmware allow attackers to manipulate smart locks and open doors, Aleph Research reveals.
Based in China, Sceiner is a technology company that manufactures various smart locks that are sold worldwide both under its name and under other brands, to which Sceiner supplies the smart lock designs, firmware, and associated applications.…
A group of 40 state attorneys general have sent a letter to Instagram and Facebook parent company Meta expressing “deep concern” over what they say is dramatic uptick of consumer complaints about account takeovers and lockouts.
The attorneys general called on Meta to do a better job preventing account takeovers — when malicious actors take a users’ accounts, lock them out by changing their passwords, and post their own material, read private messages, scam contacts and engage in other harmful or illegal behavior.…
HP announced on Thursday that several of its business PCs now benefit from protection against quantum computer attacks thanks to a new security chip.
The tech giant said the 5th generation of its Endpoint Security Controller (ESC) chip, which is built into some of its computers, can protect the integrity of the device’s firmware using quantum-resistant cryptography. …
France-based Zama, which describes itself as an open source cryptography company, on Thursday announced raising $73 million in a Series A funding round.
The investment, which Zama says is one of the largest venture rounds in France’s history, was led by Multicoin Capital and Protocol Labs, with participation from Metaplanet, Blockchange, VSquared, Stake Capital, Portal Ventures, and several angel investors.…
The FBI’s Internet Crime Complaint Center (IC3) has published its annual report for 2023, which reveals that the number of cybercrime complaints received by the agency increased by nearly 10% compared to the previous year.
Cybercrime victims in the United States filed more than 880,000 complaints with the FBI in 2023, with reported losses totaling over $12.5 billion, which represents a 22% increase from 2022. …
A Nigerian national has pleaded guilty in a US court to his role in a business email compromise (BEC) fraud scheme that caused roughly $200,000 in losses.
Henry Echefu, 32, a resident of South Africa at the time the nefarious operation was conducted, was extradited from Canada on November 30.…
Cisco on Wednesday announced patches for two high-severity vulnerabilities in Secure Client, the enterprise VPN application that also incorporates security and monitoring capabilities.
The first issue, tracked as CVE-2024-20337, impacts the Linux, macOS, and Windows versions of Secure Client and could be exploited remotely, without authentication, in carriage return line feed (CRLF) injection attacks.…
Organizations in the US have been targeted since at least 2021 in various phishing and business email compromise (BEC) campaigns spoofing government and private businesses, Proofpoint reports.
The attacks, attributed to a threat actor tracked as TA4903, were focused on harvesting corporate credentials to enable BEC activities such as invoice fraud or payroll redirect.…
Apple is opening small cracks in the iPhone’s digital fortress as part of a regulatory clampdown in Europe that is striving to give consumers more choices — at the risk of creating new avenues for hackers to steal personal and financial information stored on the devices.…
Threat actors started targeting a critical TeamCity vulnerability almost immediately after patches were announced and its details were made public due to what appears to be poor communication during the responsible disclosure process.
On March 4, JetBrains announced patches for two authentication bypass vulnerabilities affecting its TeamCity build management and continuous integration server.…
Fidelity Investments Life Insurance Company is informing roughly 28,000 individuals that their personal information was compromised in a data breach at third-party services provider Infosys McCamish System (IMS).
The data breach, Fidelity says, was the result of a cyberattack on IMS’ systems, which occurred in October 2023 and led to unauthorized access to data that IMS was holding on behalf of its customers.…