Collaborate Disseminate
Okta warns that hackers broke into its support case management system and stole sensitive data that can be used to impersonate valid users.
The post Okta Support System Hacked, Sensitive Customer Data Stolen appeared first on SecurityWeek.
Continue reading Okta Support System Hacked, Sensitive Customer Data Stolen
British startup is working on software to mitigate against the ‘wild west’ of unregulated AI apps harvesting company data at scale.
The post Harmonic Lands $7M Funding to Secure Generative AI Deployments appeared first on SecurityWeek.
Continue reading Harmonic Lands $7M Funding to Secure Generative AI Deployments
Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.
The post Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw appeared first on SecurityWeek.
Continue reading Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw
Since launching in 2021, Darwinium has raised $26 million to build a bot and fraud prevention platform running on the perimeter edge.
The post Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech appeared first on SecurityWeek.
Continue reading Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech
Startup with roots in the ecommerce mobile payments space raises $40 million for digital identity verification and authentication technology.
The post Prove Identity Snags $40M Funding for ID Verification Tech appeared first on SecurityWeek.
Continue reading Prove Identity Snags $40M Funding for ID Verification Tech
Privacy-focused messaging firm Signal is pouring cold water on widespread rumors of a zero-day exploit in its popular encrypted chat app.
The post Signal Pours Cold Water on Zero-Day Exploit Rumors appeared first on SecurityWeek.
Continue reading Signal Pours Cold Water on Zero-Day Exploit Rumors
Flaw poses a direct threat to the SOCKS5 proxy handshake process in cURL and can be exploited remotely in some non-standard configurations.
The post Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk appeared first on SecurityWeek.
Continue reading Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk
Microsoft says an APT group tracked as Storm-0062 has been hacking Confluence installations since mid-September, three weeks before Atlassian’s disclosure.
The post Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks appeared fir… Continue reading Microsoft Blames Nation-State Threat Actor for Confluence Zero-Day Attacks
Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild.
The post Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business appeared first on SecurityWeek.
Continue reading Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business
Adobe Commerce customers exposed to code execution, privilege escalation, arbitrary file system read, and security feature bypass attacks.
The post Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop appeared first on SecurityWeek.
Continue reading Patch Tuesday: Code Execution Flaws in Adobe Commerce, Photoshop