SecurityWeek

The CEO of Gab, a social network favored by the US political right, said the platform had been attacked by "demon hackers" after an activist group released user data described as an important resource for research on the far right.

Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting a wide range of critical infrastructure targets in India, including power plants, electricity distribution centers and Indian seaports.

JFC International, a major distributor and wholesaler of Asian food products, last week revealed that it was recently targeted in a ransomware attack that disrupted some of its IT systems.The attack apparently only impacted JFC International’s Europe Group, which said it had notified authorities, employees and business partners about the incident.

The trouble with ransomware is well known at this point.

Identity-as-a-Service (IDaaS) company Auth0 announced on Monday that Jameeka Green Aaron has joined the company as Chief Information Security Officer (CISO).

TripleBlind, a Kansas City, Missouri-based startup that provides data privacy solutions, on Monday announced raising $8.2 million in seed funding.

French boat maker Groupe Beneteau is working on restoring operations after falling victim to a cyber-attack roughly ten days ago.Founded in 1884, the Vendée, France-based company employs more than 8,000 people in France, the United States, Poland, Italy and China, and focuses on two business lines: boats and leisure homes.

The U.S. National Security Agency (NSA) has published guidance on how security professionals can secure enterprise networks and sensitive data by adopting a Zero Trust security model.

State and local governments will be required to spend a portion of nearly $1.9 billion in annual federal public safety grants on the fight against domestic extremism and improved cybersecurity, the Department of Homeland Security said Thursday.

Many cybersecurity-related mergers and acquisitions were announced in February 2021, including by Akamai, Proofpoint, SentinelOne, Tenable, CrowdStrike and Palo Alto Networks.

A critical vulnerability discovered in a firewall appliance made by Germany-based cybersecurity company Genua could be useful to threat actors once they’ve gained access to an organization’s network, according to Austrian cybersecurity consultancy SEC Consult.

IT asset management company Axonius has raised $100 million in Series D funding, the company told SecurityWeek Sunday. Led by private equity firm Stripes, the latest funding round brings the total amount raised by the New York based company to $195 million at more than $1 billion valuation.

A federal judge on Friday approved a $650 million settlement of a privacy lawsuit against Facebook for allegedly using photo face-tagging and other biometric data without the permission of its users.

HYAS, a Victoria, Canada-based provider of threat intelligence based on adversary infrastructure, announced this week that it has closed a $16 million Series B round of funding led by S3 Ventures. 

Having trouble scoring a COVID-19 vaccine appointment? You’re not alone. To cope, some people are turning to bots that scan overwhelmed websites and send alerts on social media when slots open up.

In early 2021, a Chinese threat actor tracked as TA413 attempted to hack into the Gmail accounts of Tibetan organizations using a malicious browser extension, researchers with cybersecurity firm Proofpoint have discovered.

An analysis of 40 COVID-19 contact tracing applications for Android has led to the discovery of numerous security and privacy issues, according to a new research paper.Contact tracing applications have been created to help authorities automate the process of identifying those who have been in close contact with infected individuals.

Microsoft on Thursday announced the open source availability of CodeQL queries that it used during its investigation into the SolarWinds attack.

Industrial organizations have been warned this week that a critical authentication bypass vulnerability can allow hackers to remotely compromise programmable logic controllers (PLCs) made by industrial automation giant Rockwell Automation.