SecurityWeek

The FTC is sending a total of $5.6 million in refunds to over 117,000 Ring customers as result of a 2023 settlement.

The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.

Zero trust endpoint security company ThreatLocker has announced a $115 million Series D funding round that brings the total to $240 million. 

IBM is acquiring HashiCorp for $6.4 billion for its infrastructure lifecycle management and security lifecycle management capabilities.

Pope Francis has called for an international treaty to ensure AI is developed and used ethically, devoting his annual peace message this year to the topic.

Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks.

KnowBe4 boasts that the merger will create “the largest, advanced AI-driven cybersecurity platform for managing human risk.”

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk.

A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.

Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups.

Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward. 

Amplifier Security has raised $3.3 million in funding for a solution that includes human-in-the-loop automation and an AI copilot.

Nagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in funding. 

CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.

A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. 

Hive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.

Bain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.

Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies.

The judge with Spain’s National Court said there is reason to believe that the new information provided by France can “allow the investigations to advance.”