SecurityWeek

Acronis Worth Over $1 Billion After Raising $147 Million

Security Week - 2 hours 50 min ago

Acronis on Wednesday announced that it raised $147 million. With this funding round, led by Goldman Sachs, Acronis becomes a unicorn company with a valuation exceeding $1 billion.

read more

Categories: SecurityWeek

GitHub Becomes CVE Numbering Authority, Acquires Semmle

Security Week - 3 hours 27 min ago

Microsoft-owned GitHub announced on Wednesday that it has acquired code analysis platform provider Semmle and the company is now a Common Vulnerabilities and Exposures (CVE) Numbering Authority.

read more

Categories: SecurityWeek

300 More Chinese Arrested in Philippines Crackdown

Security Week - 6 hours 1 min ago

Philippines immigration agents, backed by troops, have arrested more than 300 Chinese for alleged cyber crimes, a week after a similar number were detained during a raid linked to investment fraud.

The Bureau of Immigration late Tuesday said 324 Chinese nationals were arrested in Puerto Princesa City on Palawan island during Monday's operation.

read more

Categories: SecurityWeek

Emotet Returns, Spreads via Hijacked Email Conversations

Security Week - 6 hours 11 min ago

Following a 4-month vacation, Emotet’s operators are back at it, borrowing a recently introduced spear-phishing technique to deliver their malware: hijacking legitimate email conversations.

read more

Categories: SecurityWeek

Top 10 Tactical Recommendations for SMB Cybersecurity

Security Week - 7 hours 56 min ago

In my previous column I introduced the concept of “Think 360, Demand 360” as it applies to data protection, privacy, and cyber security.

read more

Categories: SecurityWeek

Facebook Takes Down Misleading Campaigns From Iraq, Ukraine

Security Week - 9 hours 26 min ago

Facebook this week announced that it removed multiple pages, groups, and accounts engaged in misleading behavior on the social platform.

read more

Categories: SecurityWeek

Code Execution Vulnerabilities Found in Aspose PDF Processing Product

Security Week - 9 hours 57 min ago

Several critical remote code execution vulnerabilities have been found by Cisco Talos researchers in a PDF file processing product from Aspose.

read more

Categories: SecurityWeek

Supply Chain Likely Target in Attacks by Tortoiseshell Group on Saudi IT Firms

Security Week - 10 hours 57 min ago

A previously undocumented attack group, given the name the Tortoiseshell Group, is targeting middle eastern IT firms in an apparent supply chain move against their customers. Researchers at Symantec have discovered 11 IT firms, mostly in Saudi Arabia, that have been hit by the group.

read more

Categories: SecurityWeek

'Panda' Group Makes Thousands of Dollars Using RATs, Crypto-Miners

Security Week - 14 hours 46 min ago

A new threat actor has generated thousands of dollars in the Monero cryptocurrency using remote access tools (RATs) and illicit cryptocurrency mining malware, Cisco’s Talos threat intelligence and research group revealed on Tuesday.

read more

Categories: SecurityWeek

US Justice Department Sues Snowden Over New Book

Security Week - Tue, 09/17/2019 - 2:45pm

The US Justice Department on Tuesday filed a lawsuit against Edward Snowden seeking to prevent the former CIA employee and National Security Agency contractor from profiting from his new book.

read more

Categories: SecurityWeek

Industry Reactions to Massive Ecuador Data Leak

Security Week - Tue, 09/17/2019 - 2:33pm

Researchers at vpnMentor have discovered an unprotected database apparently storing information on nearly everyone in Ecuador, including children and deceased individuals.

read more

Categories: SecurityWeek

Malware Sandboxing Firm VMRay Raises $10 Million

Security Week - Tue, 09/17/2019 - 1:33pm

Bochum, Germany-based VMRay has closed a $10 million Series B funding round led by Digital+ Partners, bringing the total raised to date to just under $14 million. The money will be used in both marketing and R&D. R&D is based in Germany, while all customer-facing operations are run from Boston, Mass.

read more

Categories: SecurityWeek

Linux Crypto-Miner Uses Kernel-Mode Rootkits for Evasion

Security Week - Tue, 09/17/2019 - 11:13am

A recently discovered cryptocurrency mining malware targeting Linux machines is employing kernel-mode rootkits in an attempt to make detection more difficult, Trend Micro reveals.

read more

Categories: SecurityWeek

AMD Radeon Driver Flaw Leads to VM Escape

Security Week - Tue, 09/17/2019 - 9:37am

A vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver could be triggered from within a VMware guest to execute code on the host, Cisco Talos warns.

read more

Categories: SecurityWeek

Oracle Launches New Services to Secure the Cloud

Security Week - Tue, 09/17/2019 - 7:27am

Oracle this week expanded its portfolio with three new services designed to help automatically protect cloud workloads and data.

read more

Categories: SecurityWeek

Australia Knows China Hacked Its Parliament: Report

Security Week - Tue, 09/17/2019 - 6:53am

Australia is confident that China was behind cyberattacks on its parliament and political parties, but decided not to make public accusations to avoid disrupting trade relations, according to Reuters.

read more

Categories: SecurityWeek

SOHOpelessly Broken 2.0: 125 Vulnerabilities Found in Routers, NAS Devices

Security Week - Tue, 09/17/2019 - 2:41am

Researchers have discovered many vulnerabilities in over a dozen small office/home office (SOHO) routers and network-attached storage (NAS) devices as part of a project dubbed SOHOpelessly Broken 2.0.

read more

Categories: SecurityWeek

Security Firm: Data Breach Exposes Millions of Ecuadorians

Security Week - Mon, 09/16/2019 - 9:02pm

Millions of Ecuadorians are at risk of identity theft because a security breach exposed a trove of data including names, phone numbers and birth dates, a cyber security firm said Monday.

read more

Categories: SecurityWeek

InnfiRAT Targets Personal Data, Cryptocurrency Wallets

Security Week - Mon, 09/16/2019 - 1:57pm

A newly discovered remote access Trojan can steal various types of data from the infected machines, including personal data and cryptocurrency wallet information, Zscaler security researchers warn.

read more

Categories: SecurityWeek

Pages