The FIDO authentication standard could eventually bypass passwords, or at least augment them, as government and industry turns to more effective authentication technologies.

The latest financing led by Accel comes a year after Axonius raised $100 million at a valuation of $1.2 billion. Silver Lake Partners and existing investors Bessemer Venture Partners also participated.

The campaigns utilize web bugs to profile the victims before sending a variety of PlugX malware payloads via malicious URLs. TA416 has recently updated its PlugX malware variant.

A new SpyCloud report examined trends related to exposed data. Researchers identified 1.7 billion exposed credentials, a 15% increase from 2020, and 13.8 billion recaptured PII records obtained from breaches in 2021.

Wordfence recorded a whopping 144,000 attacks on February 25, 2022, and a total of 209,624 attacks between February 25 and 27. Most of the attacks were focused on a subset of 376 academic websites.

According to a report by Barracuda, the volume of attacks attempting to exploit the Log4Shell vulnerability remained relatively constant over the past two months. Mirai and its other versions appeared in most of the attacks that made use of the Log4Shell exploit. 

Avanan analyzed more than two million customer email inboxes since February 16. On the 27th, the attacks increased by eight times as compared to the baseline volume. 

Microsoft has addressed a vulnerability in the Azure Automation service that could have allowed attackers to take complete control over the data of other Azure customers.

In a data breach notice, Acro revealed that customers of two of its beauty product websites were impacted as the result of the exploitation of a vulnerability in a third-party payment processing vendor.

The news was reported by Amazon that associates the attacks with state-sponsored hackers and confirmed that it is helping customers impacted by the attacks to adopt security best practices.