Tenable is set to acquire cloud security firm Ermetic for $240 million as it looks to expand the capabilities of its exposure management platform. The post Tenable to Acquire Cloud Security Firm Ermetic for $240 Million appeared first on SecurityWeek.…
IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
The attackers may have accessed sensitive patient information, such as health insurance and medication details This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
More than half of UK organisations know they aren’t well protected against cyber threats
Just 49% of business leaders report that their organisation is well or very well protected against cyber threats, according to a new survey from cyber security expert, Red Helix. The research, conducted in partnership with independent Business Development company Larato,…
Payment diversion fraud poses significant threat to businesses
Nearly a quarter (24%) of businesses across the UK experienced payment diversion fraud in 2022 according to data from the Hiscox Cyber Readiness Report*. Payment diversion fraud (PDF) involves cyber criminals posing as a trusted supplier and manipulating individuals within…
Pynt introduces API security platform and raises $6 million
Pynt released its autopilot platform for API security used by developers and security experts, as well as $6 million in Seed funding led by Joule Ventures with the participation of Dallas VC and Honeystone VC. The use of APIs is…
MacOS malware has a new trick up its sleeve
A newer version of the Atomic Stealer macOS malware has a new trick that allows it to bypass the operating system’s Gatekeeper, Malwarebytes researchers have discovered. Mac malware delivered through Google ads The malware, which was first advertised in April…
Tenable to acquire Ermetic for $240 million in cash and $25 million in restricted stock and RSUs
Tenable Holdings has signed a definitive agreement to acquire Ermetic. Tenable intends to integrate Ermetic’s capabilities into its Tenable One Exposure Management Platform to deliver contextual risk visibility, prioritization, and remediation across infrastructure and identities, both on-premise and in the…
Minneapolis School District Reveals Full Extent of Data Breach
Minneapolis Public Schools (MPS) recently disclosed the full extent of a data breach from earlier this year, affecting more than 105,000 individuals. The breach, initially attributed to the Medusa ransomware group, compromised a wide range of personal information. The Breach…
AI In Cybersecurity – Risks and Rewards
By Aimei Wei, Co-Founder and CTO, Stellar Cyber The global cybersecurity workforce grew to a record 4.7 million people in 2022, according to an (ISC)2 2022 workforce study, but the same […] The post AI In Cybersecurity – Risks and Rewards…
Electoral Commission Fails Cyber-Security Test Amidst Major Data Breach
The Electoral Commission has acknowledged its failure in a fundamental cyber-security assessment, which coincided with a breach by hackers gaining unauthorized access to the organization’s systems. A whistleblower disclosed that the Commission received an automatic failure during a Cyber…
ProtonMail Code Vulnerabilities Leaked Emails
By Waqas Key Findings ProtonMail, a popular Swiss-based email service that markets itself as a secure and private alternative to… This is a post from HackRead.com Read the original post: ProtonMail Code Vulnerabilities Leaked Emails This article has been indexed…
Facebook Trains Its AI on Your Data. Opting Out May Be Futile
Here’s how to request that your personal information not be used to train Meta’s AI model. “Request” is the operative word here. This article has been indexed from Security Latest Read the original article: Facebook Trains Its AI on Your…
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity…
If you like to play along with the illusion of privacy, smart devices are a dumb idea
You’re just giving manufacturers carte blanche to profit off personal data Depressingly predictable research from Which? serves as another reminder, if one was needed, that furnishing your home with internet-connected “smart” devices could be a dumb idea if you’d rather…
BT Halts Sale Of New Copper Lines On Openreach Network
As UK full fibre rollout continues, BT announces halt to sales of new copper telephones lines, after more than a century This article has been indexed from Silicon UK Read the original article: BT Halts Sale Of New Copper Lines…
Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
The threat actor used the stolen key to breach 25 organizations, including US government agencies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
IBM Discloses Data Breach Impacting Janssen Healthcare Platform
IBM has disclosed a data breach involving a Janssen healthcare platform that last year helped more than 1 million patients. The post IBM Discloses Data Breach Impacting Janssen Healthcare Platform appeared first on SecurityWeek. This article has been indexed from…
Cisco Finds 8 Vulnerabilities in OAS Industrial IoT Data Platform
Vulnerabilities identified in the OAS Platform could be exploited to bypass authentication, leak sensitive information, and overwrite files. The post Cisco Finds 8 Vulnerabilities in OAS Industrial IoT Data Platform appeared first on SecurityWeek. This article has been indexed from…
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious…
The Hacker Tool to Get Personal Data from Credit Bureaus
The new site 404 Media has a good article on how hackers are cheaply getting personal information from credit bureaus: This is the result of a secret weapon criminals are selling access to online that appears to tap into an…
GAM3S.GG Raises $2M to Grow Web3 Gaming Superapp
By Owais Sultan GAM3S.GG Secures $2M Seed Funding Led by Mechanism Capital to Grow Web3 Gaming Superapp. This is a post from HackRead.com Read the original post: GAM3S.GG Raises $2M to Grow Web3 Gaming Superapp This article has been indexed…
Chinese Hack of Microsoft Consumer Key Stemmed From its Engineer’s Corporate Account
Storm-0558, a threat actor based in China, has recently gained access to a Microsoft account consumer key. This has allowed them to infiltrate and compromise 25 organizations, including those within government agencies. Since May 15, 2023, they have been using…
SafeBase acquires Stacksi to automate responses to security questionnaires
SafeBase announced that it is acquiring Stacksi, the A.I.-powered security questionnaire automation platform. The acquisition advances the two companies’ shared vision to eliminate the time-consuming, cumbersome task of responding to security questionnaires in the B2B buying process. With a SafeBase…
Microsoft Account Compromise Led To Chinese Hack Of US Officials
Chinese hack of senior US officials came after the corporate account of a Microsoft engineer was compromised This article has been indexed from Silicon UK Read the original article: Microsoft Account Compromise Led To Chinese Hack Of US Officials