Security Week
DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding
AI-Native Trust, Risk, and Security Management (TRiSM) startup DeepKeep raises $10 million in seed funding.
The post DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding appeared first on SecurityWeek.
CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen
SecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
The post CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen appeared first on SecurityWeek.
Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server
The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.
The post Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server appeared first on SecurityWeek.
UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike
UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024.
The post UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike appeared first on SecurityWeek.
Finnish Hacker Gets Prison for Accessing Thousands of Psychotherapy Records and Demanding Ransoms
In February 2023, French police arrested well-known Finnish hacker Aleksanteri Kivimäki, who was living under a false identity near Paris. He was deported to Finland. His trial ended last month.
The post Finnish Hacker Gets Prison for Accessing Thousands of Psychotherapy Records and Demanding Ransoms appeared first on SecurityWeek.
Docker Hub Users Targeted With Imageless, Malicious Repositories
JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.
The post Docker Hub Users Targeted With Imageless, Malicious Repositories appeared first on SecurityWeek.
Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
The post Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover appeared first on SecurityWeek.
Apptega Raises $15 Million for Cybersecurity Compliance Platform
Mainsail Partners leads a $15 million financing round for end-to-end cybersecurity compliance platform company Apptega.
The post Apptega Raises $15 Million for Cybersecurity Compliance Platform appeared first on SecurityWeek.
Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants
Despite competitive pressures from industry behemoths like Microsoft and Google, investors are still betting big on startups in the specialized enterprise browser space.
The post Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants appeared first on SecurityWeek.
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report
While China-linked Muddling Meerkat’s operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.
The post Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report appeared first on SecurityWeek.
FCC Fines Wireless Carriers for Sharing User Locations Without Consent
The Federal Communications Commission leveraged nearly $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customers’ location data.
The post FCC Fines Wireless Carriers for Sharing User Locations Without Consent appeared first on SecurityWeek.
SafeBase Scores $33M Series B Investment
SafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.
The post SafeBase Scores $33M Series B Investment appeared first on SecurityWeek.
Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.
The post Vulnerability in R Programming Language Could Fuel Supply Chain Attacks appeared first on SecurityWeek.
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls.
The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek.
Tech CEOs Altman, Nadella, Pichai and Others Join Government AI Safety Board Led by DHS’ Mayorkas
CEOs of major tech companies are joining a new artificial intelligence safety board to advise the federal government on how to protect the nation’s critical services from “AI-related disruptions.”
The post Tech CEOs Altman, Nadella, Pichai and Others Join Government AI Safety Board Led by DHS’ Mayorkas appeared first on SecurityWeek.
CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure
New CISA guidelines categorize AI risks into three significant types and pushes a four-part mitigation strategy.
The post CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure appeared first on SecurityWeek.
How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat
History of TikTok and how it many view it as a national security threat.
The post How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat appeared first on SecurityWeek.
Google Says it Blocked 2.28 Million Apps from Google Play Store
In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
The post Google Says it Blocked 2.28 Million Apps from Google Play Store appeared first on SecurityWeek.
Should Cybersecurity Leadership Finally be Professionalized?
The majority opinion is that a cybersecurity professional body is long overdue and would benefit cybersecurity and cybersecurity practitioners.
The post Should Cybersecurity Leadership Finally be Professionalized? appeared first on SecurityWeek.
Kaiser Permanente Data Breach Impacts 13.4 Million Patients
US healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
The post Kaiser Permanente Data Breach Impacts 13.4 Million Patients appeared first on SecurityWeek.