Collaborate Disseminate
The Federal Bureau of Investigation (FBI), the Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the US Department of Agriculture (USDA) are raising alarm on business email compromise (BEC) attacks leading to the theft of sh… Continue reading US Food Companies Warned of BEC Attacks Stealing Food Product Shipments
Microsoft-owned code hosting platform GitHub this week announced multiple security improvements, including free secret scanning for public repositories and mandatory two-factor authentication (2FA) for developers and contributors.
read more Continue reading GitHub Announces Free Secret Scanning, Mandatory 2FA
API security startup FireTail this week announced that it has raised $5 million in an early-stage financing round led by Paladin Capital Group, with participation from General Advance, Secure Octane, Zscaler, and angel investors.
read more Continue reading API Security Firm FireTail Raises $5 Million
Google this week announced OSV-Scanner, a free scanner that open source developers can use to receive vulnerability details relevant to their projects.
The high number of dependencies that software projects rely on increases the risk of falling victim … Continue reading Google Announces Vulnerability Scanner for Open Source Developers
Bug bounty platform HackerOne says ethical hackers have identified and reported more than 65,000 software vulnerabilities in 2022.
The popular hacker-powered platform, which hosts bug bounty programs for both private and public organizations, including… Continue reading HackerOne Surpasses $230 Million in Paid Bug Bounties
Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.
The operating system update, released as part of Microsoft’s scheduled Patch Tuesday, addresses a flaw that lets mal… Continue reading Patch Tuesday: Microsoft Plugs Windows Hole Exploited in Ransomware Attacks
After skipping last month, Adobe returned to its scheduled Patch Tuesday cadence with the release of fixes for at least 38 vulnerabilities in multiple enterprise-facing products.
The San Jose, California software maker said the flaws could expose users… Continue reading Adobe Patches 38 Flaws in Enterprise Software Products
Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine escape bug exploited at the GeekPwn 2022 hacking challenge.
read more Continue reading VMware Patches VM Escape Flaw Exploited at Geekpwn Event
Virtualization technology giant Citrix on Tuesday scrambled out an emergency patch to cover a zero-day flaw in its networking product line and warned that a Chinese hacking group has already been caught exploiting the vulnerability.
read more Continue reading NSA Outs Chinese Hackers Exploiting Citrix Zero-Day
Boston-based developer security firm Snyk on Monday announced that it has raised $196.5 million in a Series G funding round, at a $7.4 billion valuation. To date, the company has raised over $1 billion.
read more Continue reading Snyk Raises $196.5 Million at $7.4 Billion Valuation