SecurityWeek

Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.

The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.

A new phishing campaign abuses compromised email accounts and targets corporate users with PDF files hosted on Autodesk Drive.

The post Autodesk Drive Abused in Phishing Attacks  appeared first on SecurityWeek.

The FTC is sending a total of $5.6 million in refunds to over 117,000 Ring customers as result of a 2023 settlement.

The post FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures appeared first on SecurityWeek.

The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.

The post Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking appeared first on SecurityWeek.

Zero trust endpoint security company ThreatLocker has announced a $115 million Series D funding round that brings the total to $240 million. 

The post Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding appeared first on SecurityWeek.

IBM is acquiring HashiCorp for $6.4 billion for its infrastructure lifecycle management and security lifecycle management capabilities.

The post IBM Acquiring HashiCorp for $6.4 Billion appeared first on SecurityWeek.

Pope Francis has called for an international treaty to ensure AI is developed and used ethically, devoting his annual peace message this year to the topic.

The post Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI appeared first on SecurityWeek.

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks.

The post Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms appeared first on SecurityWeek.

KnowBe4 boasts that the merger will create “the largest, advanced AI-driven cybersecurity platform for managing human risk.”

The post KnowBe4 Plans to Acquire Egress for Email Security Tech appeared first on SecurityWeek.

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk.

The post Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon appeared first on SecurityWeek.

A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.

The post North Korean Hackers Hijack Antivirus Updates for Malware Delivery appeared first on SecurityWeek.

Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups.

The post Tines Bags $50 Million Funding for Security Workflow Automation appeared first on SecurityWeek.

Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward. 

The post Google Patches Critical Chrome Vulnerability appeared first on SecurityWeek.

Amplifier Security has raised $3.3 million in funding for a solution that includes human-in-the-loop automation and an AI copilot.

The post Amplifier Security Emerges From Stealth With AI Copilot, Human-in-the-Loop Automation appeared first on SecurityWeek.

Nagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in funding. 

The post Nagomi Security Emerges From Stealth With $30 Million in Funding appeared first on SecurityWeek.

CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.

The post CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation appeared first on SecurityWeek.

A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.

The post Threat Actor Uses Multiple Infostealers in Global Campaign appeared first on SecurityWeek.

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. 

The post SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking appeared first on SecurityWeek.

Hive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.

The post New Password Cracking Analysis Targets Bcrypt appeared first on SecurityWeek.

Bain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.

The post Prophet Security Emerges From Stealth Mode With $11 Million in Funding appeared first on SecurityWeek.