Secure enterprise microservices development startup Codezero this week announced that it has raised $3.5 million in a seed funding round led by Ballistic Ventures, with additional funding from angel investors.

The Vancouver, Canada-based company aims to streamline Kubernetes software development workflows by providing an identity-aware overlay network for managing access and control over staging and production systems.…

Thousands of WordPress websites are potentially at risk of takeover due to a critical-severity vulnerability in two MiniOrange plugins that were discontinued recently, the Wordfence team at WordPress security company Defiant warns.

The two plugins, Malware Scanner and Web Application Firewall from MiniOrange, were closed on March 7, two days after the critical flaw was reported to the maintainers.…

The Federal Trade Commission has announced a $26 million settlement with two tech support firms that duped consumers into paying for unnecessary antivirus and computer repair services.

According to an FTC complaint (PDF), the Cyprus-based Restoro and Reimage, which previously operated out of Isle of Man, used fake Microsoft Windows pop-ups to scare consumers into believing that their computers were infected with viruses.…

A recent data breach at France’s government unemployment agency could impact as many as 43 million people, authorities announced this week.

The affected agency, France Travail, formerly known as Pole Emploi, was targeted in a cyberattack that resulted in the theft of personal information between February 6 and March 5, 2024, according to the country’s Cybermalveillance cybercrime prevention initiative.…

Cloud account attacks, increasing Mac malware, malvertising morphing from the distribution of adware to more dangerous malware, and more, are all discussed by Red Canary in its 2024 Threat Detection Report.

Released this week, the Report (PDF) is based on the analysis of almost 60,000 threats drawn from 216 petabytes of telemetry from more than 1,000 customers’ endpoints, identities, clouds, and SaaS applications throughout 2023.…

Google today announced that the standard Safe Browsing protections in the Chrome browser can now identify bad sites in real time.

The real-time protection was previously available if the Enhanced protection mode was enabled in Safe Browsing, while the standard settings checked the visited sites against a list stored on the device that was refreshed every 30 to 60 minutes.…

The exploitation of a high-severity Kubernetes vulnerability can lead to arbitrary code execution with System privileges on all Windows endpoints in a cluster, Akamai warns.

The issue, tracked as CVE-2023-5528 and impacting default Kubernetes installations, exists in the way the open source container orchestration system processes YAML files, which it uses for virtually every function.…

The US Department of Health and Human Services’ Office for Civil Rights (OCR) is launching an investigation to determine whether protected health information was compromised in the recent Change Healthcare data breach.

The incident occurred on February 21, when Change Healthcare’s claims and payment infrastructure was disrupted as a result of a ransomware attack, impacting the ability of over 7,000 pharmacies and hospitals to process prescriptions.…

Chipmakers Intel and AMD have published 10 new security advisories this Patch Tuesday to inform customers about vulnerabilities impacting their products. 

Intel published eight new advisories, including two that describe high-severity vulnerabilities. One of the high-severity issues is a local privilege escalation impacting BIOS firmware for some Intel processors. …

Healthcare has long been a primary target for ransomware attacks. This is not changing and is not likely to change. Claroty/Team82’s State of CPS Security – Healthcare 2023 discusses the reasons.

Healthcare comprises a critical industry combining a large-scale use of converged IT and OT with a huge quantity of disparate OT devices dependent on IT control delivered over WiFi – and a very low tolerance for disruption.…

API security firm Salt Security has conducted an analysis of ChatGPT plugins and found several types of vulnerabilities that could have been exploited to obtain potentially sensitive data and take over accounts on third-party websites.

ChatGPT plugins enable users to access up-to-date information (rather than the relatively old data the chatbot was trained on), as well as to integrate ChatGPT with third-party services.…

Stanford University has started notifying 27,000 individuals that their personal information was stolen in a ransomware attack on its Department of Public Safety (DPS).

The incident was discovered on September 27, 2023, but the attackers had access to the Stanford DPS network beginning May 12. The hackers were evicted from the environment and the network was secured shortly after the attack was discovered, the university says.…

The United States is spearheading the first United Nations resolution on artificial intelligence, aimed at ensuring the new technology is “safe, secure and trustworthy” and that all countries, especially those in the developing world, have equal access.

The draft General Assembly resolution aims to close the digital divide between countries and make sure they are all at the table in discussions on AI — and that they have the technology and capabilities to take advantage of its benefits, including detecting diseases, predicting floods and training the next generation of workers.…

Enterprise software maker SAP on Tuesday released 10 new and two updated security notes as part of its March 2024 Security Patch Day, calling attention to serious bugs in business-facing products.

Three of the notes are marked ‘hot news’ — the highest severity rating in SAP’s playbook — and resolve critical vulnerabilities in the Chromium browser in Business Client, Build Apps, and NetWeaver AS Java.…

Siemens and Schneider Electric have published their March 2024 Patch Tuesday security advisories, which cover more than 200 vulnerabilities affecting their products. 

Siemens

Siemens has published 11 new advisories describing a total of 214 vulnerabilities. A majority of these, 157 flaws, are covered in a single advisory describing flaws in the Simatic RF160B mobile reader.…

The US Government Accountability Office (GAO) has conducted a study focusing on the operational technology (OT) cybersecurity products and services offered by CISA and found that some of the security agency’s teams are understaffed.

OT environments continue to be targeted by sophisticated threat actors and CISA has been designated as the lead agency in helping critical infrastructure organizations address risks associated with industrial control systems (ICS) and other OT systems. …

Vulnerabilities affecting Linear building access control products, including a security flaw that has been exploited in the wild, have been patched nearly five years after their initial disclosure.

In May 2019, at SecurityWeek’s ICS Cyber Security Conference, Gjoko Krstic, a researcher who at the time worked for industrial cybersecurity firm Applied Risk, disclosed information on more than 100 vulnerabilities found in building management and access control systems from Nortek, Prima Systems, Optergy, and Computrols.…

The Justice Department is stepping up its focus on artificial intelligence, with officials warning Thursday that companies and people who deliberately misuse the technology to advance a white-collar crime like price fixing, fraud or market manipulation will be at risk for a harsher sentence.

Deputy Attorney General Lisa Monaco said the Justice Department will take into account how well a company is managing the risks of AI technology each time it assesses a corporate compliance program.…

A TeamCity vulnerability disclosed recently in controversial circumstances is being exploited in ransomware attacks, according to the product’s developer and cybersecurity companies. 

On March 4, JetBrains, the developer of the TeamCity build management and continuous integration server, announced fixes for CVE-2024-27198 and CVE-2024-27199, two serious authentication bypass vulnerabilities. …

Microsoft says the Russian government-backed hacking team that broke into its corporate network and spied on senior executives also stole source code and may still be poking around its internal computer systems.

In what is being described as an “ongoing attack,” the world’s largest software maker says it has evidence the hacking group “is using information initially exfiltrated from our corporate email systems to gain, or attempt to gain, unauthorized access.”…

The US cybersecurity agency CISA has laid out key actions for securing open source software (OSS) following a two-day OSS security summit at which it convened with community leaders.

Steps that CISA will take in partnership with the community include promoting the Principles for Package Repository Security, a framework outlining security maturity levels for package repositories and a new effort to enable collaboration and information sharing with open source software infrastructure operators.…

Reach Security, a California startup promising technology to help businesses manage the maze of security tools and products, has raised $20 million in early stage venture capital funding.

The company said the Series A financing was provided by new investors Ballistic Ventures and Artisanal Ventures. Existing backers Webb Investment Network, Ridge Ventures, and TechOperators also expanded equity stakes.…

Software startup Defense Unicorns on Thursday announced that it has raised $35 million in a Series A funding round led by Sapphire Ventures and Ansa Capital, which brings the total raised by the company to $35.5 million.

Founded in 2021, the Colorado Springs-based firm provides open source software and AI capabilities that support continuous delivery in national security systems, and which can be deployed in any environment, including air-gapped systems.…

A Chinese advanced persistent threat (APT) actor tracked as Evasive Panda has been observed targeting Tibetans in watering hole and supply chain attacks, cybersecurity firm ESET reports.

Also referred to as Bronze Highland and Daggerfly, Evasive Panda has been active since at least 2012, historically targeting government entities in China, India, and various Asian countries to conduct cyberespionage operations.…

Multiple vulnerabilities in Sceiner firmware allow attackers to manipulate smart locks and open doors, Aleph Research reveals.

Based in China, Sceiner is a technology company that manufactures various smart locks that are sold worldwide both under its name and under other brands, to which Sceiner supplies the smart lock designs, firmware, and associated applications.…

A group of 40 state attorneys general have sent a letter to Instagram and Facebook parent company Meta expressing “deep concern” over what they say is a dramatic uptick in consumer complaints about account takeovers and lockouts.

The attorneys general called on Meta to do a better job preventing account takeovers — when malicious actors take users’ accounts, lock them out by changing their passwords, and post their own material, read private messages, scam contacts and engage in other harmful or illegal behavior.…

France-based Zama, which describes itself as an open source cryptography company, on Thursday announced raising $73 million in a Series A funding round.

The investment, which Zama says is one of the largest venture rounds in France’s history, was led by Multicoin Capital and Protocol Labs, with participation from Metaplanet, Blockchange, VSquared, Stake Capital, Portal Ventures, and several angel investors.…

The FBI’s Internet Crime Complaint Center (IC3) has published its annual report for 2023, which reveals that the number of cybercrime complaints received by the agency increased by nearly 10% compared to the previous year.

Cybercrime victims in the United States filed more than 880,000 complaints with the FBI in 2023, with reported losses totaling over $12.5 billion, which represents a 22% increase from 2022. …

Cisco on Wednesday announced patches for two high-severity vulnerabilities in Secure Client, the enterprise VPN application that also incorporates security and monitoring capabilities.

The first issue, tracked as CVE-2024-20337, impacts the Linux, macOS, and Windows versions of Secure Client and could be exploited remotely, without authentication, in carriage return line feed (CRLF) injection attacks.…

Organizations in the US have been targeted since at least 2021 in various phishing and business email compromise (BEC) campaigns spoofing government and private businesses, Proofpoint reports.

The attacks, attributed to a threat actor tracked as TA4903, were focused on harvesting corporate credentials to enable BEC activities such as invoice fraud or payroll redirect.…

Threat actors started targeting a critical TeamCity vulnerability almost immediately after patches were announced and its details were made public due to what appears to be poor communication during the responsible disclosure process.

On March 4, JetBrains announced patches for two authentication bypass vulnerabilities affecting its TeamCity build management and continuous integration server.…

Fidelity Investments Life Insurance Company is informing roughly 28,000 individuals that their personal information was compromised in a data breach at third-party services provider Infosys McCamish System (IMS).

The data breach, Fidelity says, was the result of a cyberattack on IMS’ systems, which occurred in October 2023 and led to unauthorized access to data that IMS was holding on behalf of its customers.…
