SecurityWeek

Western Digital (WD) on Tuesday confirmed that the recent attacks targeting some of its older network-attached storage (NAS) devices involved the exploitation of a zero-day vulnerability.

API security platform Noname Security today announced that it has raised $60 million in Series B funding. The new round brings the total raised by the company to $85 million.

Governments worldwide are too often playing catch-up against private cyberspace operators in what is poised to become a key arena for defending national interests, the International Institute for Strategic Studies said Tuesday.

A security researcher has disclosed the details of a vulnerability that can be exploited to take over virtual machines (VMs) on Google Cloud Platform.

Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012.

Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from security vendor Detectify.

Start-up Helps Combat Analyst Alert Fatigue

Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person.

Germany-based industrial solutions provider Phoenix Contact last week informed customers that a total of 10 vulnerabilities have been identified across several of the company’s products.

Healthcare data management provider HealthVerity this week announced that it has raised $100 million in Series D funding, which brings the total raised by the company to $142 million.

The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure, an issue Joe Biden recently raised with his Russian counterpart Vladimir Putin.

SentinelOne on Monday updated the terms of its initial public offering (IPO), and the endpoint security company is now hoping to raise over $1 billion.SentinelOne filed for an IPO in early June and in an amendment made to its S-1 registration statement on June 21 the company revealed that it’s offering 32 million shares of its Class A common stock.

Microsoft is investigating an incident where a threat actor submitted malicious drivers for certification through the Windows Hardware Compatibility Program.Built by a third-party, the drivers were designed to target gaming environments and could allow the attacker to spoof their location and play from anywhere.

Mozilla has a new privacy-focused data sharing platform that provides users with increased control of their data and also allows them to contribute to a better Internet.

The pivot to remote work forced by the Covid-19 outbreak was sudden, but security stepped up to the challenge. According (ISC)², the association of certified cybersecurity professionals, three out of ten said they had a day or less to secure their employers’ remote workers. 

Mercedes-Benz USA said last week that sensitive personal information pertaining to its customers was inadvertently exposed by a vendor.

Microsoft-owned software development solutions provider GitHub announced on Friday that it has paid out more than $1.5 million through its bug bounty program since 2016, when it started using the HackerOne bug bounty platform.

Microsoft says it has observed new activity associated with Nobelium, the Russia-linked threat actor that compromised IT management and monitoring solutions provider SolarWinds.

A cross-site scripting (XSS) vulnerability patched last year in Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has reportedly been exploited in the wild.