Fortinet has announced it has acquired Panopta, the SaaS platform innovator that provides full-stack visibility and automated management of the health of an enterprise network.

The Silicon Valley company said nation-state actors, almost certainly Russian, made off with the “Red Team” tools that could be used to mount new attacks around the world.

The Taiwanese vendor QNAP has released security updates to fix eight vulnerabilities, including XSS and command injection bugs, that could be exploited by attackers to over unpatched NAS devices.

Forescout Technologies disclosed 33 new vulnerabilities, including four remote code execution flaws, in four different open-source TCP/IP stacks used by major IoT, OT, and IT device vendors.

A large-scale phishing campaign is targeting 200 million Microsoft 365 users around the world, particularly within the financial services, healthcare, insurance, manufacturing, utilities, and telecom sectors.

Dragos, a Maryland-based industrial cybersecurity company, it raised $110 million, the latest sign that investors are pouring money into securing the critical infrastructure.

This year’s annual defense policy bill, known as the National Defense Authorization Act (NDAA), is loaded with provisions that would reshape the federal bureaucracy on cybersecurity.

Cisco has released security updates to address multiple pre-authentication bugs with public exploits affecting Cisco Security Manager that could allow for RCE attack after successful exploitation.

A phishing scheme discovered by Abnormal Security involved an email impersonating a vendor to bypass the victim’s Proofpoint gateway and set up a trap to steal Office 365 credentials.

With the promise of a widely available COVID-19 vaccine on the horizon, Europol, the European Union’s law-enforcement agency, has issued a warning about the rise of vaccine-related Dark Web activity.