SecurityWeek

Denmark-based data protection company Keepit has raised $50 million, which brings the total investment to $90 million.

ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals.

Researchers warn about critical vulnerabilities in Ruijie Networks’ Reyee cloud management platform and Reyee OS network devices.

The new agreement has a narrower scope and additional safeguards to minimize the risk to national security.

Noteworthy stories that might have slipped under the radar: AV brand owner Gen Digital makes a $1 billion acquisition, Microsoft Recall captures sensitive data, MITRE releases ATT&CK evaluations.

Byte Federal says the personal information of 58,000 was compromised after a GitLab flaw allowed attackers to access a server.

The US announced the takedown of Rydox, a marketplace for stolen personal information, and the arrest of three administrators.

Microsoft has patched potentially critical vulnerabilities in Update Catalog and Windows Defender on the server side. 

Germany’s cybersecurity agency BSI has sinkholed a botnet of 30,000 devices shipped with BadBox malware pre-installed.

The Iranian threat group CyberAv3ngers has used custom-built malware named IOCONTROL to target IoT and OT devices in the US and Israel.

The Justice Department announced indictments against 14 North Koreans for involvement in a scheme to pose as remote IT workers to violate sanctions and commit wire fraud, money laundering, and identity theft.

Phishing is more than a mere nuisance—it is a formidable precursor to destructive data breaches.

Threat intel startup Silent Push has raised $10 million in a funding round co-led by Ten Eleven Ventures and Stepstone Group LP.

Sublime said the new capital was provided by IVP, Citi Ventures, Index Ventures, Decibel Partners, and Slow Ventures and brings the total raised to $93.8 million.

Fortinet has acquired Israeli collaboration and email security company Perception Point to expand its offering.

The potential for how AI may change the way we work is endless, but we are still a way off from this and careful planning and consideration is what is needed. 

Lookout details EagleMsgSpy, a surveillance tool used by Chinese law enforcement to collect data from Android devices.

Oasis Security has disclosed AuthQuake, a method for bypassing Microsoft MFA within an hour without user interaction.

Law enforcement agencies in 15 countries cooperated in taking down 27 websites selling DDoS-for-hire services.

Cleo has released patches for the exploited vulnerability and security firms have detailed the malware delivered in attacks.