Security – SiliconANGLE

Qualys warns of OpenSSH vulnerability researchers are calling ‘extremely dangerous’

Duncan Riley — Mon, 01 Jul 2024 22:56:49 +0000

Researchers at cybersecurity software provider Qualys Inc. are warning of an OpenSSH vulnerability affecting more than 14 million servers that some security researchers are calling “extremely dangerous” and “about as bad as they come.” Ray Kelly, a fellow at the Synopsys Software Integrity Group, said the “trifecta of remote code execution, root access and a widespread distribution across […]

The post Qualys warns of OpenSSH vulnerability researchers are calling ‘extremely dangerous’ appeared first on SiliconANGLE.

LogRhythm boosts security with data intelligence, AWS integration and compliance updates

Duncan Riley — Mon, 01 Jul 2024 11:00:08 +0000

Security intelligence firm LogRhythm Inc. today announced enhancements to its security solutions. They include improvements to its Machine Data Intelligence Fabric, simplified data retention via Amazon Web Services Inc.’s S3, compliance frameworks for National Institute of Standards and Technology standards, and a JSON normalization wizard as part of security information and events management updates. JSON, short for JavaScript Object […]

The post LogRhythm boosts security with data intelligence, AWS integration and compliance updates appeared first on SiliconANGLE.

SentinelLabs uncovers new CapraRAT spyware targeting Android users

Duncan Riley — Mon, 01 Jul 2024 10:00:29 +0000

A new report released today by SentinelLabs, the research arm of listed cybersecurity company SentinelOne Inc., warns of a resurgence of CapraRAT spyware targeting mobile gamers and weapons enthusiasts through malicious Android applications. CapraRAT is an Android remote-access trojan virus used by a Pakistan-linked threat actor called Transparent Tribe, also known as APT36, which first emerged around […]

The post SentinelLabs uncovers new CapraRAT spyware targeting Android users appeared first on SiliconANGLE.

Remote access provider TeamViewer discloses breach attributed to Russian hackers

Maria Deutscher — Fri, 28 Jun 2024 18:36:13 +0000

TeamViewer SE, the developer of a widely-used application for remotely accessing computers, has experienced a network breach. The company disclosed the incident on Thursday. In a follow-up update published today, TeamViewer attributed the cyberattack to APT29, a Russian state-backed hacking group. The group was responsible for the 2020 hacking campaign that targeted SolarWinds Corp. customers through malicious software […]

The post Remote access provider TeamViewer discloses breach attributed to Russian hackers appeared first on SiliconANGLE.

CISA joint guidance warns of memory safety vulnerabilities in open-source projects

Duncan Riley — Thu, 27 Jun 2024 23:28:42 +0000

A new joint guidance released by the U.S. Cybersecurity and Infrastructure Security Agency at partners is warning of the widespread and costly prevalence of memory safety vulnerabilities in critical open-source projects and an urgent need for software manufacturers to adopt memory-safe programming practices. The Exploring Memory Safety in Critical Open Source Projects guidance, created by CISA […]

The post CISA joint guidance warns of memory safety vulnerabilities in open-source projects appeared first on SiliconANGLE.

Progress Software discloses critical vulnerability in MOVEit file transfer service

Maria Deutscher — Thu, 27 Jun 2024 22:33:53 +0000

Progress Software Corp. has disclosed a critical vulnerability in its MOVEit service, which organizations use to share files with one another. The company detailed the flaw on Tuesday. It also disclosed an exploit in MOVEit Gateway, a cybersecurity product that some organizations use together with the file transfer service. The day after Progress made the […]

The post Progress Software discloses critical vulnerability in MOVEit file transfer service appeared first on SiliconANGLE.

Odaseva nabs $54M for its Salesforce data protection platform

Maria Deutscher — Thu, 27 Jun 2024 20:44:18 +0000

Odaseva Technologies SAS, a startup with a platform that helps enterprises encrypt and back up the data they keep in Salesforce, has closed a $54 million funding round. The company detailed in its announcement of the raise today that Silver Lake Waterman was the lead investor. F-Prime, Eight Roads, Serena Capital, Eurazeo and Crescent Cove […]

The post Odaseva nabs $54M for its Salesforce data protection platform appeared first on SiliconANGLE.

Vulnerability detection provider PortSwigger raises $112M

Maria Deutscher — Thu, 27 Jun 2024 18:32:58 +0000

PortSwigger Ltd., the company behind one of the industry’s most popular cybersecurity testing tools, today disclosed that it has raised $112 million in funding. The capital was provided by private equity firm Brighton Park Capital. It marks the first time that U.K.-based PortSwigger has raised funding since launch. The company was founded in 2008 by […]

The post Vulnerability detection provider PortSwigger raises $112M appeared first on SiliconANGLE.

Permissions management startup AuthZed raises $12M to accelerate its strategic expansion

Duncan Riley — Thu, 27 Jun 2024 13:00:47 +0000

Permissions management startup AuthZed Inc. today announced that it has raised $12 million in new funding to accelerate its strategic expansion, particularly targeting small to midsized organizations. Founded in 2020 by Jake Moshenko, Joey Schorr and Jimmy Zelinskie, veterans of CoreOS and RedHat, AuthZed provides a secure and scalable permissions management system for modern applications. […]

The post Permissions management startup AuthZed raises $12M to accelerate its strategic expansion appeared first on SiliconANGLE.

Cisco Talos warns of wider security implications following Snowflake breach

Duncan Riley — Thu, 27 Jun 2024 12:00:19 +0000

A new report released today by Cisco Talos is warning of the implications of the recent Snowflake Inc.-related cloud data platform breach and how the comprised accounts highlight the vulnerabilities inherent in cloud environments. The Snowflake breach involved attackers using stolen login credentials to infiltrate customer accounts. The credentials were not protected by multifactor authentication, […]

The post Cisco Talos warns of wider security implications following Snowflake breach appeared first on SiliconANGLE.

Background check firm KarmaCheck raises $45M to fuel development and growth

Duncan Riley — Thu, 27 Jun 2024 12:00:11 +0000

Background checks, credentialing and compliance software company KarmaCheck Inc. today announced that it has raised $45 million in new funding to accelerate the development of its technology platform and expand into new industry segments. Founded in 2019 by Eric Ly, one of the co-founders of LinkedIn, KarmaCheck pitches its offering as reimagining background checks and […]

The post Background check firm KarmaCheck raises $45M to fuel development and growth appeared first on SiliconANGLE.

Jana Partners acquires stake in Rapid7, reportedly pushes for sale of company

Duncan Riley — Wed, 26 Jun 2024 23:13:44 +0000

Activist investor Jana Partners LLC has taken a stake in cybersecurity solutions provider Rapid7 Inc. and is reportly planning to push the company to sell itself. Jana’s managing partner, Scott Ostfelf, unveiled the investment today and, while not saying how many shares the investment firm had acquired, described Jana’s shareholding as “significant.” The Wall Street […]

The post Jana Partners acquires stake in Rapid7, reportedly pushes for sale of company appeared first on SiliconANGLE.

Supply chain attack compromises 100,000 websites via polyfill.io domain takeover

Duncan Riley — Wed, 26 Jun 2024 22:34:00 +0000

About 100,000 sites have potentially been compromised in a supply chain attack following an alleged Chinese firm’s takeover of a popular open-source library. The compromise involved the acquisition of polyfill.io, a domain name linked to the open-source Polyfill project, in February. Polyfill.io is a service that automatically provides the necessary polyfills — pieces of code […]

The post Supply chain attack compromises 100,000 websites via polyfill.io domain takeover appeared first on SiliconANGLE.

Arctic Wolf report reveals 70% of organizations targeted by BEC attacks in past year

Duncan Riley — Wed, 26 Jun 2024 13:00:18 +0000

A new report out today from managed cybersecurity services company Arctic Wolf Networks Inc. finds a significant increase in business email compromise attacks, with 70% of all organizations reportedly targeted by BEC attacks in the last 12 months. The 2024 Arctic Wolf Trends report, based on a survey of its customers and internal data, found […]

The post Arctic Wolf report reveals 70% of organizations targeted by BEC attacks in past year appeared first on SiliconANGLE.

Google intensifies efforts against wide-reaching China-linked influence operation

Duncan Riley — Wed, 26 Jun 2024 10:00:56 +0000

Google LLC’s Threat Analysis Group today shared insights into how it is taking on prolific influence operation actor DRAGONBRIDGE, a “spammy influence network” allegedly linked to China with a presence across multiple platforms. DRAGONBRIDGE, also known as “Spamouflage Dragon,” was first highlighted by Google TAG in January 2023. The group is known for producing a high […]

The post Google intensifies efforts against wide-reaching China-linked influence operation appeared first on SiliconANGLE.

Cloudflare AppSec report finds denial-of-service and bot attacks dominate web threat landscape

Duncan Riley — Tue, 25 Jun 2024 13:00:00 +0000

A new report from content delivery network provider Cloudflare Inc. today warns of a rapid rise in web threats dominated by distributed denial-of-service attacks, bot traffic and rapid zero-day vulnerability exploitation. The State of Application Security 2024 report is based on the analysis of HTTP traffic patterns observed between April 1, 2023, and March 31 this year. […]

The post Cloudflare AppSec report finds denial-of-service and bot attacks dominate web threat landscape appeared first on SiliconANGLE.

BlackBerry reports 40% increase in unique malware samples in first quarter

Duncan Riley — Tue, 25 Jun 2024 10:00:42 +0000

A new report out today from BlackBerry Ltd. details a significant increase in new malware used in cyberattacks in the first quarter of this year as overall attacks continue to surge. The latest BlackBerry Global Threat Intelligence Report reveals that BlackBerry cybersecurity solutions detected and stopped 3.1 million cyberattacks in the first quarter, or 37,000 […]

The post BlackBerry reports 40% increase in unique malware samples in first quarter appeared first on SiliconANGLE.

LockBit claims Federal Reserve breach, demands ransom not to release stolen data

Duncan Riley — Mon, 24 Jun 2024 23:44:09 +0000

Infamous ransomware gang LockBit is claiming to have breached the U.S. Federal Reserve and is threatening to release stolen banking information if a ransom payment is not made. According to a listing on its dark web leaks site, LockBit claims to have “33 terabytes of juicy banking information containing Americans’ banking secrets” before going on […]

The post LockBit claims Federal Reserve breach, demands ransom not to release stolen data appeared first on SiliconANGLE.

Ollama addresses remote execution flaw following Wiz discovery

Duncan Riley — Mon, 24 Jun 2024 13:00:49 +0000

As generative artificial intelligence continues to grow in popularity and become mainstream, so do security issues surrounding large language models and their support services. A new report today from Wiz Inc. details one such vulnerability discovered in Ollama, the open-source infrastructure project designed to simplify the packaging and deployment of AI models. However, in a welcome […]

The post Ollama addresses remote execution flaw following Wiz discovery appeared first on SiliconANGLE.

US Treasury sanctions 12 Kaspersky executives

Maria Deutscher — Fri, 21 Jun 2024 21:04:12 +0000

The U.S. Treasury Department today announced sanctions against 12 executives at Kaspersky Lab Inc., a Russian antivirus maker. The sanctions are being rolled out by the Treasury Department’s Office of Foreign Assets Control, or OFAC. A day earlier, the Commerce Department banned Kaspersky from selling its antivirus software and other products in the U.S. The […]

The post US Treasury sanctions 12 Kaspersky executives appeared first on SiliconANGLE.

Hacking group Qilin leaks data stolen from UK medical testing provider Synnovis

Maria Deutscher — Fri, 21 Jun 2024 18:52:02 +0000

A ransomware gang has reportedly published 400 gigabytes of data stolen from Synnovis, a UK-based provider of medical testing services. The U.K.’s healthcare system, the National Health Service, said today that law enforcement agencies are working to verify the data. “The National Crime Agency and National Cyber Security Centre are working to verify the data […]

The post Hacking group Qilin leaks data stolen from UK medical testing provider Synnovis appeared first on SiliconANGLE.

EchoMark says it has the definitive answer to data exfiltration

Paul Gillin — Fri, 21 Jun 2024 00:16:58 +0000

EchoMark Inc., a Seattle startup focused on protecting private information, is launching a software-as-a-service offering that uses forensic watermarking to prevent the unauthorized disclosure of internal communications. SecureView protects against information leaks caused by such hard-to-track elements as email attachments, downloads, image captures and untraceable emails, the company says. It allows for the trusted sharing and […]

The post EchoMark says it has the definitive answer to data exfiltration appeared first on SiliconANGLE.

Zscaler-Google strategic alliance forged to enhance enterprise security and access

Shelly Kramer — Thu, 20 Jun 2024 21:54:07 +0000

One of the announcements coming out of Zscaler Inc.’s Zenith Live 2024 event held in Vegas this past week that I was most excited about was an extended and formalized Zscaler-Google alliance. This partnership aims to deliver enhanced secure application access, data protection and insights for enterprise customers using Chrome Enterprise, Google Workspace and Google […]

The post Zscaler-Google strategic alliance forged to enhance enterprise security and access appeared first on SiliconANGLE.

Post-quantum cryptography startup PQShield raises $37M

Maria Deutscher — Thu, 20 Jun 2024 18:47:41 +0000

Post-quantum cryptography startup PQShield Ltd. today announced that it has closed a $37 million funding round led by Addition. Chevron Technology Ventures, Legal & General, Braavos Capital and Oxford Science Enterprises contributed as well. The Series B investment brings PQShield’s total outside funding to more than $57 million. “We’re already getting our technology into the […]

The post Post-quantum cryptography startup PQShield raises $37M appeared first on SiliconANGLE.

Navigating hybrid cloud: Zerto’s integration with HPE’s virtualization platforms

Mark Albertson — Thu, 20 Jun 2024 14:42:40 +0000

When Hewlett Packard Enterprise Co. acquired Zerto Ltd. for $374 million in 2021, the expectation was that the venture-backed startup would help enterprise customers implement speedy data recovery solutions and protect workloads against lengthy outages in a data-driven world. “Where we really fit is in the resume and recoverability,” said Matt Boris (pictured, right), vice […]

The post Navigating hybrid cloud: Zerto’s integration with HPE’s virtualization platforms appeared first on SiliconANGLE.

Cato Networks introduces new partner program to simplify managed SASE services

Duncan Riley — Thu, 20 Jun 2024 12:30:45 +0000

Cloud networking company Cato Networks Ltd. today announced a new partner platform that eliminates the complexity of delivering managed Secure Access Service Edge services. Called the Cato MSASE Partner Platform, the new platform is been designed to allow channel partners to rapidly deliver and profit from management SASE services. The platform gives partners vendor-level insight, control and […]

The post Cato Networks introduces new partner program to simplify managed SASE services appeared first on SiliconANGLE.

Cyber resilience startup Semperis raises $125M for enterprise identity protection expansion

Duncan Riley — Thu, 20 Jun 2024 12:00:54 +0000

Enterprise identity protection and cyber resilience startup Semperis Ltd. today announced that it has secured $125 million in growth financing, which will allow it to invest in product innovation and support its expanding global customer base. Founded in 2014, Semperis offers cybersecurity services that specialize in protecting Active Directory and Azure AD from cyberthreats, as well as […]

The post Cyber resilience startup Semperis raises $125M for enterprise identity protection expansion appeared first on SiliconANGLE.

LockBit resurgence sees ransomware attacks reach record high in May

Duncan Riley — Thu, 20 Jun 2024 07:00:46 +0000

A new report released today by NCC Group plc has found that ransomware attacks hit a record high in May, driven by a massive resurgence in LockBit ransomware attacks. The NCC Group 2024 Threat Intel report found that global ransomware attacks rose by 32% month-over-month in May, to 470 recorded ransomware attacks, up from 356 […]

The post LockBit resurgence sees ransomware attacks reach record high in May appeared first on SiliconANGLE.

Cyberattack on CDK Global disrupts car sales in North America

Duncan Riley — Wed, 19 Jun 2024 23:43:01 +0000

Data technology company CDK Global Inc., a major supplier of software to car dealerships in North America, has been hit by a cyberattack that has resulted in the company being forced to take its systems offline and clients being unable to process regular business transactions. The attack occurred today as systems going offline at around […]

The post Cyberattack on CDK Global disrupts car sales in North America appeared first on SiliconANGLE.

Zscaler Zenith Live ‘24 touts breach predictions, zero trust and expanded partnership with Google

Zeus Kerravala — Wed, 19 Jun 2024 19:55:46 +0000

Zscaler Inc.‘s Las Vegas Zenith Live ‘24 event in Las Vegas last week featured a wide range of news, from zero-trust security to a new breach detector. Most of the news was unveiled during the keynotes, which featured several executives, including Chief Executive Jay Chaudhry (pictured), Deepen Desai, chief security officer and head of security […]

The post Zscaler Zenith Live ‘24 touts breach predictions, zero trust and expanded partnership with Google appeared first on SiliconANGLE.