As per a report issued by NASA’s inspector general, “Attacks on NASA networks are not a new phenomenon, although attempts to steal critical information are increasing in both complexity and severity”.
The average total annual financial loss for companies from compromised cloud accounts is more than $500,000, according to new research by Proofpoint and the Ponemon Institute.
Discovered by Hector Martin, a software engineer at Asahi Linux, a project that works on porting Linux for Mac hardware, the vulnerability was codenamed M1RACLES and tracked as CVE-2021-30747.
Salt Security closed a $70 million Series C funding round led by Advent International to scale the company’s sales organization globally and enhance security earlier in the development lifecycle.
Thousands of Google Chrome extensions available on the official Chrome Web Store are tampering with security headers on popular websites, putting users at risk of a wide range of web-based attacks.
Cloud security analytics platform Uptycs today announced it has raised $50 million in a Series C funding round led by Norwest Venture Partners, bringing the company’s total raised to $93 million.
Insecure data storage is the most common security flaw in Android apps. Recently, security analysts listed down 23 Android applications leaking personal data of over 100 million users due to misconfigurations in third-party cloud services.
Pulse Secure issued a workaround for a critical RCE vulnerability in its Pulse Connect Secure VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges.
Decade-old botnets continue to adapt to the current threat landscape, as seen in the case of wide-ranging malicious activities of the resilient Phorpiex botnet. Though, for many years, the Phopiex botnet has had the same internal infrastructure with C2 mechanisms and source code.
The group uses a combination of its own custom toolsets and readily available offensive security software to deploy either a destructive wiper or a custom wiper-turned-ransomware variant.