OpenSSL Patches Remote Code Execution Vulnerability

OpenSSL has issued an urgent advisory to warn of a memory corruption vulnerability that exposes servers to remote code execution attacks.
The vulnerability, tracked as CVE-2022-2274, was introduced in OpenSSL 3.0.4 and could potentially allow malicious… Continue reading OpenSSL Patches Remote Code Execution Vulnerability

DoD Launches ‘Hack US’ Bounties for Major Flaws in Publicly Exposed Assets

The United States Department of Defense (DoD) has launched a one-week bug bounty program to reward researchers who find high- and critical-severity vulnerabilities in publicly accessible assets owned by the DoD.
read more

Continue reading DoD Launches ‘Hack US’ Bounties for Major Flaws in Publicly Exposed Assets

Security Automation Firm Swimlane Closes $70 Million Funding Round

Security automation startup Swimlane on Wednesday announced it has raised $70 million in a Series C funding round that brings the total investment in the company to $170 million.
read more

Continue reading Security Automation Firm Swimlane Closes $70 Million Funding Round

North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist

The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony’s Horizon Bridge, according to new data and research from blockchain analytics firm Elliptic.
read more

Continue reading North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist

Normalyze Announces $22 Million for DSPM Technology

Bay Area startup Normalyze on Monday announced a $22 million in Series A funding as venture capital investors rush to place bets on the newly coined Data Security Posture Management (DSPM) space.
read more

Continue reading Normalyze Announces $22 Million for DSPM Technology

Cyolo Banks $60M Series B for ZTNA Technology

Cyolo, an Israeli startup building technology for zero trust networking, on Monday announced a new $60 million investment led by the venture investing arm of National Grid.
In addition to National Grid Partners, Cyolo said it scored investments from Gl… Continue reading Cyolo Banks $60M Series B for ZTNA Technology

FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up

The Federal Trade Commission (FTC) on Friday announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up.
read more

Continue reading FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up

CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day

Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter.
read more

Continue reading CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day

Top Cryptographers Flag ‘Devastating’ Flaws in MEGA Cloud Storage

Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that the issues could lead to “devastating attacks on the confidentiality and integrity of use… Continue reading Top Cryptographers Flag ‘Devastating’ Flaws in MEGA Cloud Storage