Researchers have linked Chinese advanced persistent threat group Playful Taurus, also known as Vixen Panda and Nickel, to a series of attacks against Iranian organizations between July and December 2022. The group recently updated its toolkit to include a new variant of the Turian backdoor.
Security ratings provide a strong indication of potential risk, but boards increasingly want to drill into the underlying risk factors, says CEO Steve Harvey. BitSight has invested in both workflows around third-party risk and research and identification of CVEs on behalf of government agencies.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
Ukraine's top information protection agency says Russian cyberattacks are focusing on destruction of critical information infrastructure, spying and disinformation. Although efforts are underway, it will require $1.79 billion to completely restore the telecommunication sector, it says.
The IntSights deal has allowed Rapid7 to offer more visibility into the threat landscape and target the phishing infrastructure used by hackers. The deal has helped Rapid7 determine the spoofed domains and the employees and social media accounts that adversaries have targeted, CEO Corey Thomas says.
Meta says it is taking legal action against scraping-for-hire service provider Voyager Labs for allegedly using fake accounts to copy accessible data about users when logged into Facebook, Instagram and other websites. The social media firms says it closed 60,000 fake accounts.
TikTok must pay a fine of 5 million euros to the French government after the country's data protection agency said the short-form video app violated national privacy law restricting the monitoring of web browser activity. TikTok is at the center of a number of privacy controversies worldwide.
SailPoint has made its first acquisition since joining Thoma Bravo, scooping up a third-party identity risk startup established by a Massachusetts Air National Guard veteran. Buying SecZetta will give customers more visibility into employee, third-party contractor and temporary worker identities.
Hack The Box has completed a Series B funding round to add more cloud security and a gamification approach to its cybersecurity training platform. The Kent, England-based startup was founded in 2017 to provide pen testers and red teamers with a way to test their offensive security skills.
Senior U.S. and Japanese officials pledged deepened cooperation in cyberspace while signaling readiness to rebuff China through deployment of an upgraded Marine Corps unit to Okinawa. U.S. President Joe Biden is set to meet Friday with Japanese Prime Minister Fumio Kishida at the White House.
Managed security services player Cerberus Sentinel plans to capitalize on cloud migration and strict privacy regulations in South America through its proposed purchase of RAN Security. The deal will bolster Cerberus Sentinel's penetration testing, gap analysis and infrastructure management services.
Hackers are going downstream in their attacks on healthcare sector entities and their third-party business associates because in many cases, these cybercriminals have already hit up the larger players, says Michael Hamilton, CISO of security firm Critical Insight.
Simeio has added SailPoint and IBM to its identity and access management line card through the purchase of identity services provider PathMaker Group. The first acquisition in its 17-year history will give Simeio access to senior-level personnel with deep knowledge in identity governance.
Microsoft fixed an actively exploited zero-day vulnerability in 2023's first Patch Tuesday dump. The Redmond giant also issued fixes for 98 other vulnerabilities, including 11 classified as critical and 87 as important. The zero-day vulnerability could be used as part of a ransomware attack.
Appgate has promoted CISO and Federal President Leo Taddeo to CEO and tasked him with capturing zero trust deployment opportunities with the U.S. Defense Department. Appgate has tapped Taddeo to help the Defense Department grant access to users based on context as part of a new zero trust strategy.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing devicesecurity.io, you agree to our use of cookies.