SecurityWeek

Endpoint security provider Morphisec on Thursday announced that it has raised $31 million in a new funding round led by JVP, with participation from existing investors, such as Orange and Deutsche Telekom Capital Partners.

The U.S. Cyber Command conducted more than two dozen operations aimed at thwarting interference in last November’s presidential election, the general who leads the Pentagon’s cyber force said Thursday.

Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges.

Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks.

The idea of a security platform is not new. Neither are the issues related to security and vendor sprawl inside an organization. The original idea behind the Next-Gen Firewall was to blend several products into a single platform to reduce IT overhead and simplify wiring closets that had been overrun with security devices. And it worked. NGFW solutions quickly became the cornerstone for security implementations in virtually every organization in the world.

The U.S. Cyber Command conducted more than two dozen operations aimed at preventing interference in last November’s presidential election, the general who leads the Pentagon’s cyber force said Thursday.

Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user.

The Federal Bureau of Investigation (FBI) this week published an alert to warn of the fact that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives, including the operating system.

Feedzai, a late-stage fintech startup, is the latest entrant into cybersecurity’s unicorn club after snagging a new $200 million funding round that values the company at more than $1 billion.

Over 100,000 WordPress websites could be exposed to attacks targeting a couple of recently addressed vulnerabilities affecting Thrive Theme plugins, warns the Wordfence Threat Intelligence Team at WordPress security company Defiant.

Over the past five years of running a managed security service offering, I’ve received no shortage of questions and requests from customers. They run the gamut from the completely outlandish to questions that have legitimately influenced change. Regardless of the question, it’s important for managed security providers to listen to their customers and accept feedback, whether it’s positive or negative. 

Microsoft on Wednesday announced that its bug bounty programs now also cover the desktop client of its Teams business communications platform.

A former CIA employee cannot get espionage charges against him dismissed on the grounds that there weren’t enough Hispanic or Black individuals on the grand jury that indicted him, a judge ruled Wednesday.

Facebook’s threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world.

Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis.

A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft.

UK-based industrial automation company Ovarro recently patched a series of vulnerabilities in its TBox remote terminal units (RTUs). Cybersecurity experts say these flaws could pose a serious risk to organizations.

Taking Down Dark Web Sites May Cause Headache for Both the Bad Guys and the Good Guys

Commercial insurer CNA on Tuesday announced that it was recently targeted in what it described as a sophisticated cyberattack.The Chicago, Illinois-based company is one of the largest commercial insurers in the United States, offering cyber insurance policies alongside a broad range of other insurance products.