SecurityWeek
Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps
Microsoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations.
The post Microsoft Warns of ‘Dirty Stream’ Vulnerability in Popular Android Apps appeared first on SecurityWeek.
White House Issues National Security Memorandum for Critical Infrastructure
The White House has published a national security memorandum focusing on critical infrastructure security and resilience.
The post White House Issues National Security Memorandum for Critical Infrastructure appeared first on SecurityWeek.
Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
The post Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison appeared first on SecurityWeek.
Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round
A new Silicon Valley startup called Mimic is coming out of the shadows with a hefty $27 million seed-stage funding round led by Ballistic Ventures.
The post Ransomware Defense Startup Mimic Raises Hefty $27M Seed Round appeared first on SecurityWeek.
Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference
As you look to navigate RSA Conference, with so many vendors, approaches and solutions, how do you know what solutions you should be investing in?
The post Building the Right Vendor Ecosystem – a Guide to Making the Most of RSA Conference appeared first on SecurityWeek.
AI Security Startup Apex Emerges From Stealth With Funding From OpenAI CEO
Israeli AI security firm Apex has received $7 million in seed funding for its detection, investigation, and response platform.
The post AI Security Startup Apex Emerges From Stealth With Funding From OpenAI CEO appeared first on SecurityWeek.
Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber
Cybersecurity startups Insane Cyber, Resonance Security, RunReveal and StepSecurity announce pre-seed, early-stage, and seed funding rounds.
The post Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber appeared first on SecurityWeek.
Network Security Firm Corelight Raises $150 Million
Network detection and response (NDR) provider Corelight has raised $150 million in a Series D funding round led by Accel.
The post Network Security Firm Corelight Raises $150 Million appeared first on SecurityWeek.
Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches
Verizon’s 2024 DBIR shows that vulnerability exploitation increased three times and confirmed data breaches doubled compared to the previous year.
The post Verizon DBIR 2024 Shows Surge in Vulnerability Exploitation, Confirmed Data Breaches appeared first on SecurityWeek.
Japan’s Kishida Unveils a Framework for Global Regulation of Generative AI
Japan's Prime Minister unveiled an international framework for regulation and use of generative AI, adding to global efforts on governance for the rapidly advancing technology.
The post Japan’s Kishida Unveils a Framework for Global Regulation of Generative AI appeared first on SecurityWeek.
1,400 GitLab Servers Impacted by Exploited Vulnerability
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.
The post 1,400 GitLab Servers Impacted by Exploited Vulnerability appeared first on SecurityWeek.
Russian Hackers Target Industrial Systems in North America, Europe
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
The post Russian Hackers Target Industrial Systems in North America, Europe appeared first on SecurityWeek.
Dropbox Data Breach Impacts Customer Information
Dropbox says hackers breached its Sign production environment and accessed customer email addresses and hashed passwords.
The post Dropbox Data Breach Impacts Customer Information appeared first on SecurityWeek.
Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says
UnitedHealth CEO Andrew Witty said in a U.S. Senate hearing that his company is still trying to understand why the server did not have the additional protection.
The post Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says appeared first on SecurityWeek.
Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm
Everyone — not just politicians and celebrities — should be concerned about this increasingly powerful deep-fake technology, experts say.
The post Deepfake of Principal’s Voice Is the Latest Case of AI Being Used for Harm appeared first on SecurityWeek.
Oasis Security Raises $35 Million to Tackle Non-Human Identity Management
New York startup Oasis Security banks $35 million in a Series A extension round led by Accel, Cyberstarts, and Sequoia Capital.
The post Oasis Security Raises $35 Million to Tackle Non-Human Identity Management appeared first on SecurityWeek.
Traceable AI Raises $30 Million to Safeguard Cloud APIs
Traceable AI has raised $110 million since launching in 2018 with ambitious plans in the competitive API security and observability space.
The post Traceable AI Raises $30 Million to Safeguard Cloud APIs appeared first on SecurityWeek.
Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push
Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.
The post Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push appeared first on SecurityWeek.
Adobe Adds Content Credentials and Firefly to Bug Bounty Program
Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.
The post Adobe Adds Content Credentials and Firefly to Bug Bounty Program appeared first on SecurityWeek.
Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data
Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.
The post Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data appeared first on SecurityWeek.