A pair of German security researchers have publicly documented the discovery of a drive-by code execution vulnerability in Windows 10 and criticized Microsoft for botching its response to the still-unfixed security problem.The security defect is an argument injection in the Windows 10/11 default handler for ‘ms-officecmd:’ URIs and was successfully chained w

Researchers at Positive Security have discovered a drive-by remote code-execution (RCE) bug in Windows 10. The vulnerability can be triggered by an argument injection in the Windows 10 default handler for ms-officecmd: URIs. It is likely that this vulnerability also exists in Windows 11. What’s worrying is that the research team simply decided to find a c

The health care industry is one of the most popular and lucrative targets for cyberattacks and malicious activity. Health care organizations always present as an attractive proposition to hackers as they possess high volumes of sensitive information about patients and rely on highly vulnerable medical devices. Advancements in medical procedures and the grow

LogDNA, a late-stage startup that helps DevOps teams scour logs for signs of problems, has secured a new $50 million investment led by Dave DeWalt’s NightDragon venture capital firm.In addition to NightDragon, Emergence Capital and Initialized Capital also participated in the latest financing.The Series D funding round brings the total raised by the San Fran

Grip Security, an Israeli startup that helps organizations securely adopt software-as-a-service (SaaS), on Tuesday announced the closing of a $19 million Series A funding round led by Intel Capital.Founded in February 2021, the Tel Aviv-based SaaS security provider emerged from stealth in April 2021 with $6 million in seed investment. Existing investor YL Ve

Web traffic protection provider Kasada on Monday announced it has raised $23 million in Series C funding. To date, the company has raised $39 million.The new funding round was led by new investor StepStone Group. Existing investors Main Sequence Ventures, Reinventure, Our Innovation Fund, Ten Eleven Ventures, and Turnbull & Partners also participated.Fou

A total of 226 potential security defects were identified in nine Wi-Fi routers from known manufacturers as part of a study performed by IoT Inspector security researchers and editors with the German IT magazine CHIP.The TP-Link Archer AX6000 router was the most impacted, with a total of 32 security issues identified. Next in line was Synology RT-2600ac, wit

Threat actors have started to exploit the interest in the Omicron COVID-19 variant and are using it as a lure in phishing campaigns. Crooks have already started exploiting the interest in the Omicron COVID-19 variant and are using it as a lure in phishing attacks. People are interested in the spreading of the new variant, the efficiency of the vaccine

Panther Labs, an early stage startup that specializes in detection and response analytics, has raised a whopping $120 million in a new round of funding led by hedge fund Coatue Management.Panther Labs said the Series B investment was raised at a $1.4 billion valuation, putting the company among a growing list of ‘unicorn’ cybersecurity startups.In addition t

The U.S. government’s cybersecurity agency has updated its catalog of “known exploited vulnerabilities” and set deadlines for federal agencies to apply fixes for security defects in software made by Qualcomm, Mikrotik, Zoho and the Apache Software Foundation.Citing evidence of active exploitation against five specific vulnerabilities, the Cybersecurity and I

Finland’s National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware.The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a noti

The surge in venture capital bets on startups in the nascent attack surface management business continued apace Wednesday with Israeli risk management firm CyCognito announcing a new $100 million funding round.CyCognito, which maintains headquarters in Tel Aviv and offices in Silicon Valley, has raised a total of $153 million since launching three years ago

Cryptocurrency trading powerhouse Coinbase on Tuesday announced plans to acquire Unbound Security, an Israeli startup that provides protection for cryptographic keys and credentials.Financial terms of the planned acquisition were not released but reports out of Israel peg the price tag in the range of $150 million. Unbound Security raised approximately

Privacy-focused techology startup Soveren on Tuesdfirsay announced it has closed a $6.5 million seed round led by firstminute capital. Northzone also invested in the startup, along with multiple private investors.Soveren is building technology to help companies identify and resolve incidents and risks to ensure they can protect privacy and meet regulatory ob

Axiado Corp, a hardware security firm based in San Jose, Calif., has banked $25 million in what is being described as an “oversubscribed” Series B funding round.The company is building a Trusted Control/Compute Unit (TCU) product that is being positioned as a new class of security processors that provide platform root-of-trust for large enterprise customers.