Aqua Security raises $135M at a $1B valuation for its cloud native security service

Aqua Security, a Boston- and Tel Aviv-based security startup that focuses squarely on securing cloud-native services, today announced that it has raised a $135 million Series E funding round at a $1 billion valuation. The round was led by ION Crossover Partners. Existing investors M12 Ventures, Lightspeed Venture Partners, Insight Partners, TLV Partners, Greenspring Associates […] Continue reading Aqua Security raises $135M at a $1B valuation for its cloud native security service

Helping People In The Security Community – Paul’s Security Weekly #588

“Phoneboy” has been helping the security community for over 15 years. We fondly remember Phoneboy as a resource that helped us configure our Check Point firewalls back in the day! Phoneboy comes on the show to discuss how to help people in … Continue reading Helping People In The Security Community – Paul’s Security Weekly #588

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned. The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. newspapers over the weekend. Continue reading Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

Reaper: Calm Before the IoT Security Storm?

It’s been just over a year since the world witnessed some of the world’s top online Web sites being taken down for much of the day by “Mirai,” a zombie malware strain that enslaved “Internet of Things” (IoT) devices such as wireless routers, security cameras and digital video recorders for use in large-scale online attacks.

Now, experts are sounding the alarm about the emergence of what appears to be a far more powerful strain of IoT attack malware — variously named “Reaper” and “IoTroop” — that spreads via security holes in IoT software and hardware. And there are indications that over a million organizations may be affected already.

Reaper isn’t attacking anyone yet. For the moment it is apparently content to gather gloom to itself from the darkest reaches of the Internet. But if history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks. Continue reading Reaper: Calm Before the IoT Security Storm?

Microsoft’s October Patch Batch Fixes 62 Flaws

Microsoft on Tuesday released software updates to fix at least 62 security vulnerabilities in Windows, Office and other software. Two of those flaws were detailed publicly before yesterday’s patches were released, and one of them is already being exploited in active attacks, so attackers already have a head start. Continue reading Microsoft’s October Patch Batch Fixes 62 Flaws

One Nigerian man’s simple phishing campaign drains thousands from corporate coffers

One Nigerian man, working alone and using old malware, launched an email-based malware campaign that successfully stole thousands of dollars from manufacturing, banking and construction companies around the world. A new report from CheckPoint Technologies spotlights a low-sophistication campaign of business email compromise (BEC) attacks against 4,000 global companies in the last four months. Security researchers say they traced the attacks back to a single individual in his mid-20s aiming infect target networks, steal data and commit fraud. The thousands of attempts have resulted in 14 companies being infected. Nigerian and international law enforcement were informed a month ago, CheckPoint threat intelligence manager Maya Horowitz told CyberScoop, but it’s not clear if any action has been taken. The attacker uses the phrase “get rich or die trying” on social media accounts, the researchers said, lending that name to the case study. The attacker uses fake emails appearing to come from Saudi Aramco, the second-largest daily oil […]

The post One Nigerian man’s simple phishing campaign drains thousands from corporate coffers appeared first on Cyberscoop.

Continue reading One Nigerian man’s simple phishing campaign drains thousands from corporate coffers