Private equity firm Vector Capital invested $100 million in Malwarebytes a month after the antivirus stalwart laid off 125 employees to focus on smaller customers. The funds will help the vendor reduce clients' attack surfaces and accelerate momentum with MSPs and channel partners.
The latest edition of the ISMG Security Report discusses financial giant Morgan Stanley's failure to invest in proper hard drive destruction oversight, the future of ransomware and the gangs that have attacked organizations in recent years, and the methods required to secure new payments systems.
SentinelOne is taking on top rival CrowdStrike in the venture arena, unveiling a $100 million fund to support security and data startups of all sizes. S Ventures will give the company broader reach in adjacent markets and enable high-value integrations that can grow over time.
Federal authorities have issued urgent advisories - and Medtronic a voluntary product recall - about a cybersecurity flaw in some of the company's insulin pumps. If exploited, the flaw could result in patients receiving too little or too much insulin, which in extreme cases could result in death.
School is out for more than 3,000 students of a suburban Detroit district undergoing its second day of forensics analysis following an online attack. Students have been told not to use district-issued Chromebooks. Federal authorities have warned that school districts are targets of ransomware gangs.
CrowdStrike has purchased external attack surface management startup Reposify to help organizations detect and eliminate risk from vulnerable and unknown assets. This deal will allow CrowdStrike to combine its insights on endpoints and IT environments with Reposify's internet-scanning capabilities.
Chinese state-backed cyber spies developed a Linux variant of a Windows backdoor to target a Hong Kong university after Beijing squashed pro-democracy protests in the city. The threat group, called SparklingGoblin, deployed the custom-built implant in February 2021, Eset researchers say.
Apple issued a patch for a zero-day vulnerability likely exploited in the wild that allows a malicious iPhone app to execute arbitrary code with kernel-level privileges, marking the second smartphone kernel code execution bug fixed by the company in as many months.
Security researchers revealed yet another method for stealing a Tesla although the brand is one of the least-stolen cars and among the most recovered once pilfered. The newest example comes from internet of things security company IOActive in an attack involving two people and customized gear.
Netskope has built out a full SASE stack and helped enterprises secure their physical devices through the recent acquisitions of Infiot and WootCloud. Buying SD-WAN provider Infiot in August will boost the convergence of networking and security and help customers quickly on-ramp users in the cloud.
NortonLifeLock and Avast completed their $8.6 billion merger Monday, forming a $3.5 billion consumer cyber protection behemoth with expertise across security, privacy and identity. The fully merged company will have fewer than 4,000 employees and will initially go to market as NortonLifeLock.
The Lazarus Group, a North Korean advanced persistent threat gang, recently targeted energy companies in Canada, the U.S. and Japan to establish long-term access into victim networks to conduct espionage operations by deploying custom-built malware implants VSingle, YamaBot and MagicRAT.
Organizations must think differently about how to detect adversaries in the cloud rather than merely shifting their on-premises controls. Combining Carbon Black's insights into the endpoint with NSX's ability to see network connections has allowed VMware to more effectively spot lateral movement.
Vulnerabilities in certain medication infusion pump products from manufacturer Baxter could compromise a hospital's biomedical network. The flaws highlight the risks involving the acquisition and disposal of medical technology, says researcher Deral Heiland of Rapid7.
Software bills of materials improve the visibility, transparency, security and integrity of proprietary and open-source code in software supply chains. To realize these benefits, software engineering leaders should integrate SBOMs throughout the software delivery life cycle.
Download this report to gain more insights...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.
