SecurityWeek
Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices
A new Android trojan named Brokewell can steal user’s sensitive information and allows attackers to take over devices.
The post Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices appeared first on SecurityWeek.
Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek.
Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses
More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives.
The post Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses appeared first on SecurityWeek.
In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO.
The post In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO appeared first on SecurityWeek.
Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo
UK cybersecurity firm Darktace has agreed to sell itself to private equity giant Thoma Bravo for approximately $5.32 million in cash.
The post Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo appeared first on SecurityWeek.
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites.
The post Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors appeared first on SecurityWeek.
Predictive Security Startup BforeAI Raises $15 Million
Predictive attack intelligence and risk protection startup BforeAI has raised $15 million in a Series A funding round led by SYN Ventures.
The post Predictive Security Startup BforeAI Raises $15 Million appeared first on SecurityWeek.
Palo Alto Networks Shares Remediation Advice for Hacked Firewalls
Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400.
The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek.
Autodesk Drive Abused in Phishing Attacks
A new phishing campaign abuses compromised email accounts and targets corporate users with PDF files hosted on Autodesk Drive.
The post Autodesk Drive Abused in Phishing Attacks appeared first on SecurityWeek.
FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures
The FTC is sending a total of $5.6 million in refunds to over 117,000 Ring customers as result of a 2023 settlement.
The post FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures appeared first on SecurityWeek.
Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking
The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.
The post Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking appeared first on SecurityWeek.
Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding
Zero trust endpoint security company ThreatLocker has announced a $115 million Series D funding round that brings the total to $240 million.
The post Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding appeared first on SecurityWeek.
IBM Acquiring HashiCorp for $6.4 Billion
IBM is acquiring HashiCorp for $6.4 billion for its infrastructure lifecycle management and security lifecycle management capabilities.
The post IBM Acquiring HashiCorp for $6.4 Billion appeared first on SecurityWeek.
Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI
Pope Francis has called for an international treaty to ensure AI is developed and used ethically, devoting his annual peace message this year to the topic.
The post Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI appeared first on SecurityWeek.
Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms
Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks.
The post Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms appeared first on SecurityWeek.
KnowBe4 Plans to Acquire Egress for Email Security Tech
KnowBe4 boasts that the merger will create “the largest, advanced AI-driven cybersecurity platform for managing human risk.”
The post KnowBe4 Plans to Acquire Egress for Email Security Tech appeared first on SecurityWeek.
Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon
As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk.
The post Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon appeared first on SecurityWeek.
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.
The post North Korean Hackers Hijack Antivirus Updates for Malware Delivery appeared first on SecurityWeek.
Tines Bags $50 Million Funding for Security Workflow Automation
Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups.
The post Tines Bags $50 Million Funding for Security Workflow Automation appeared first on SecurityWeek.
Google Patches Critical Chrome Vulnerability
Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward.
The post Google Patches Critical Chrome Vulnerability appeared first on SecurityWeek.