The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor’s cloud environment was breached three years ago. […]
CISA urges software devs to weed out XSS vulnerabilities
CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping. […]
Intezer Raises $33M to Extend AI-Powered SOC Platform
Intezer is looking to tap into booming market for AI-powered tooling to address the severe shortage of skilled cybersecurity professionals.
The post Intezer Raises $33M to Extend AI-Powered SOC Platform appeared first on SecurityWeek.
Ransomware gangs now abuse Microsoft Azure tool for data theft
Ransomware gangs like BianLian and Rhysida increasingly use Microsoft’s Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage. […]
C/side Raises $6 Million to Secure the Browser Supply Chain
C/side has raised $6 million in a seed-stage funding round to help organizations protect against malicious browser third-party scripts.
The post C/side Raises $6 Million to Secure the Browser Supply Chain appeared first on SecurityWeek.
Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say
A Hezbollah official speculated that malware may have caused the pagers to heat up and explode.
The post Hundreds Wounded After Pagers Detonate in Lebanon, Media and Security Officials Say appeared first on SecurityWeek.
Software Security Firm RunSafe Raises $12 Million in Series B Funding
RunSafe Security has raised $12 million in a Series B funding round for a solution designed to help companies develop secure software.
The post Software Security Firm RunSafe Raises $12 Million in Series B Funding appeared first on SecurityWeek.
The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks
When it comes to adversarial use of AI, the real question is whether the AI threat is a deep fake, or whether the deepfake is the AI threat.
The post The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks appeared first on SecurityWeek.
PKfail Secure Boot bypass remains a significant risk two months later
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks. […]
D-Link Patches Critical Router Vulnerabilities
D-Link has released patches for critical vulnerabilities that could allow attackers to execute arbitrary code and commands on routers.
The post D-Link Patches Critical Router Vulnerabilities appeared first on SecurityWeek.