SecurityWeek
Fortinet Patches Critical RCE Vulnerability in FortiClientLinux
Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux.
The post Fortinet Patches Critical RCE Vulnerability in FortiClientLinux appeared first on SecurityWeek.
Thousands of LG TVs Possibly Exposed to Remote Hacking
Many LG TVs may be vulnerable to remote hacking due to a series of vulnerabilities found by Bitdefender researchers.
The post Thousands of LG TVs Possibly Exposed to Remote Hacking appeared first on SecurityWeek.
Sprinto Raises $20 Million for Automated Risk and Compliance Platform
Risk and compliance solutions provider Sprinto has raised $20 million in a Series B funding round led by Accel.
The post Sprinto Raises $20 Million for Automated Risk and Compliance Platform appeared first on SecurityWeek.
530k Impacted by Data Breach at Wisconsin Healthcare Organization
The personal information of 500,000 people was compromised in a data breach at Group Health Cooperative of South Central Wisconsin.
The post 530k Impacted by Data Breach at Wisconsin Healthcare Organization appeared first on SecurityWeek.
Microsoft Patches Two Zero-Days Exploited for Malware Delivery
Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware.
The post Microsoft Patches Two Zero-Days Exploited for Malware Delivery appeared first on SecurityWeek.
Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers
Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters.
The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek.
Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products
Adobe calls attention to a pair of code execution bugs in Adobe Commerce and Magento Open Source, a product used to manage online stories.
The post Patch Tuesday: Code Execution Flaws in Multiple Adobe Software Products appeared first on SecurityWeek.
Data Security Firm Cyera Raises $300 Million at $1.4 Billion Valuation
Data security company Cyera’s latest $300 million funding round brings the total raised by the firm to $460 million, at unicorn valuation.
The post Data Security Firm Cyera Raises $300 Million at $1.4 Billion Valuation appeared first on SecurityWeek.
Asia-Focused Dark Web Threat Intelligence Startup StealthMole Raises $7 Million
Founded in 2022, Singapore-based StealthMole leverages AI to analyze data from the dark web, deep web, and other sources to provide risk assessment and threat monitoring capabilities.
The post Asia-Focused Dark Web Threat Intelligence Startup StealthMole Raises $7 Million appeared first on SecurityWeek.
SAP’s April 2024 Updates Patch High-Severity Vulnerabilities
SAP has released 12 new and updated security notes on April 2024 Security Patch Day, including three notes dealing with high-severity vulnerabilities.
The post SAP’s April 2024 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities
Siemens and Schneider Electric release their ICS Patch Tuesday advisories for April 2024, informing customers about dozens of vulnerabilities.
The post ICS Patch Tuesday: Siemens Addresses Palo Alto Networks Product Vulnerabilities appeared first on SecurityWeek.
CVS Group Restoring Systems Impacted by Cyberattack
Veterinary services provider CVS Group is restoring systems after a cyberattack disrupted its UK operations.
The post CVS Group Restoring Systems Impacted by Cyberattack appeared first on SecurityWeek.
CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)
SecurityWeek discusses cybersecurity leadership with CISOs from crowdsourced hacking organizations Bugcrowd (Nick McKenzie) and HackerOne (Chris Evans)
The post CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne) appeared first on SecurityWeek.
DOJ-Collected Information Exposed in Data Breach Affecting 340,000
Economic analysis and litigation support firm GMA says personal and medical information was stolen in a May 2023 data breach.
The post DOJ-Collected Information Exposed in Data Breach Affecting 340,000 appeared first on SecurityWeek.
Second Ransomware Group Extorting Change Healthcare
RansomHub is extorting Change Healthcare, threatening to release data stolen in a February 2024 BlackCat ransomware attack.
The post Second Ransomware Group Extorting Change Healthcare appeared first on SecurityWeek.
StrikeReady Raises $12M to Build AI-Powered Security Command Center
StrikeReady, an early-stage Silicon Valley startup working on technology to modernize cybersecurity command centers, has banked $12 million in new financing from 33N Ventures. The Palo Alto, Calif.-based StrikeReady said the Series A included equity interests for Hitachi Ventures, Monta Vista Capital and a handful of prominent cybersecurity executives. StrikeReady has raised a total of […]
The post StrikeReady Raises $12M to Build AI-Powered Security Command Center appeared first on SecurityWeek.
Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices
Unpatched D-Link NAS device vulnerability CVE-2024-3273, potentially affecting many devices, is being exploited in the wild.
The post Exploitation Attempts Target Unpatched Flaw Affecting Many D-Link NAS Devices appeared first on SecurityWeek.
Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability
Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution.
The post Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability appeared first on SecurityWeek.
Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks
The US Department of Health warns of financially motivated social engineering attacks targeting healthcare organizations.
The post Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks appeared first on SecurityWeek.
Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right
The American Privacy Rights Act would preempt most state privacy laws — though it wouldn’t impact certain states’ laws already on the books that protect financial, health or employee data.
The post Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right appeared first on SecurityWeek.