Google late Monday raised the alarm about a “government-backed entity based in North Korea” targeting -- and hacking into -- computer systems belonging to security researchers.Google’s Threat Analysis Group (TAG), a team that monitors global APT activity, said the ongoing campaign is aimed at security researchers working on vulnerability research and develop

Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials.   The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin.With Microsoft Edge 88.0.705.50 now rolling out, users get a built-in strong password ge

A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection.Dubbed LuckyBoy, the multi-stage, tag-based campaign is focused on iOS, Android, and Xbox users. Since December 2020, it penetrated over 10 Demand Side Platforms (DSP), primarily Europe-based, with obse

The Federal Bureau of Investigation has issued a Private Industry Notification (PIN) to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms.Taking advantage of the COVID-19 pandemic, which has forced the broad adoption of telework, cyber-criminals and threat actors are attempting

Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital.Founded in 2018, the Quebec-based company provides customers with solutions focused on data discovery and classification, helping enterprises monitor data across their environments. Fu

The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google.According to a Wall Street Journal report, TikTok used a banned tactic to bypass the privacy safeguard in Android to collect unique identifiers from millions of

Microsoft on Tuesday released the first batch of security patches for 2021 with fixes for 83 documented security vulnerabilities, including a "critical" bug in the Defender security product that's being actively exploited.Security experts are urging security response personnel to pay special attention to CVE-2021-1647, which describes a remote code execution

German software maker SAP has published 10 advisories to document flaws and fixes for a range of serious security vulnerabilities.SAP also published a total of 7 other updates for previously released security notes on this month’s Patch Day, for a total of 17 Notes. Five of these carry the highest severity rating of Hot News.Dealing with multiple vulnerabili

At the virtual Consumer Electronics Show (CES) on Monday, chipmaker Intel announced CPU-based ransomware detection capabilities has been fitted directly into the Intel vPro platform.  Increasingly targeting businesses, ransomware has become the most prominent threat to enterprises, requiring advanced solutions to keep their data and the data of the

F5 Networks (NASDAQ: FFIV) announced on Thursday that it has agreed to acquire Volterra, a Santa Clara, Calif.-based provider of tools that help customers deploy applications and build clouds across multiple cloud providers or their own edge locations.Under the terms of the agreement, F5 will pay roughly $440 million in cash and approximately $60 million in

Lacework, a five-year-old cybersecurity company that automates security across enterprise cloud deployments, has reached unicorn status with the closing of a $525 million round of Series D financing.The Silicon Valley company, which automates security across public and private cloud deployments, is now valued north of $1 billion.Driven by post-pandemic digit

Business communications platform Slack is scrambling to recover from an ongoing outage that is proving disruptive to cybersecurity response teams around the world.At 7:15AM PST, the San Francisco, Calif.-based Slack confirmed users were “having trouble loading channels or connecting to Slack.”   No other details were provided on the cause of the ou

The holiday season is upon us. After a difficult year, and facing an even more challenging year ahead, digital defense experts don’t have visions of sugar plums dancing in their heads. Instead, they dream of cybersecurity tools and other resources to help them cope with a wild threat landscape.  Here’s our ultimate holiday wish list. 

Palo-Alto, California-based application intelligence startup Bionic on Thursday announced that it has emerged from stealth mode with $17 million in seed and Series A funding.The company’s platform is designed to help enterprises perform an inventory of their applications (including cloud, Kubernetes and on-premises), identify their entire architecture, APIs

The Open Source Security Foundation (OpenSSF) announced on Wednesday at the Black Hat Europe conference the availability of an open source tool designed for evaluating the ability of static analysis security testing (SAST) products to detect vulnerabilities.The new tool, named OpenSSF CVE Benchmark, provides vulnerable code and metadata related to 218 known