SecurityWeek

High-flying endpoint security vendor SentinelOne plans to spend $155 million to acquire log management startup Scalyr, beefing up a crucial technology piece to drive its ambitions in the  enterprise cybersecurity market.

Polish video game maker CD Projekt RED, the company behind The Witcher and Cyberpunk 2077, said Tuesday hackers had stolen data in a "targeted cyber attack"."An unidentified actor gained unauthorized access to our internal network, collected certain data belonging to CD PROJEKT capital group, and left a ransom note," the company said on Twitter.

Managed security services are undergoing a timely and significant transformation, armed with new hyperscalable technology stacks, hybrid enterprise and cross-cloud protection complexities, and a demand to evolve from 24/7 eyes-on-glass into hands-on customer-integrated early warning and response. If it wasn’t a tired industry cliché we’d probably be adding “next-generation” or NG prefixes to many of these newly transformed managed services.

Following a two-year downtime, an Iran-linked cyberespionage operation has recommenced with new second-stage malware and with an updated variant of the Infy malware, according to joint research conducted by cybersecurity firms SafeBreach and Check Point.

North Korea has modernized its nuclear weapons and ballistic missiles by flaunting United Nations sanctions, using cyberattacks to help finance its programs and continuing to seek material and technology overseas for its arsenal, U.N. experts said.

An update released last week by Mozilla for Firefox 85 patches a critical information disclosure vulnerability that can be chained with other security flaws to achieve arbitrary code execution.

The National Cyber Investigative Joint Task Force (NCIJTF) on Friday released a joint-sealed ransomware factsheet detailing common attack techniques and means to ensure prevention and mitigation.

More than 1,200 Iranian citizens have been targeted in extensive cyber-surveillance operations backed by the Iranian government, researchers with cybersecurity firm Check Point report.

Google last week announced the launch of OSV (Open Source Vulnerabilities), which the internet giant has described as a vulnerability database and triage infrastructure for open source projects.

Web development resources provider SitePoint has notified users of a data breach that resulted in some of their information being stolen.Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development.

A recently investigated malicious attack was abusing a locally loaded Chrome extension to exfiltrate data and establish communication with the command and control (C&C) server.

Google is weaning itself off user-tracking "cookies" which allow the web giant to deliver personalized ads but which also have raised the hackles of privacy defenders.

Google late Thursday night shipped an emergency patch to close a Chrome browser vulnerability that was being used in mysterious zero-day attacks.

Atlanta-based packaging giant WestRock (NYSE: WRK) on Friday shared an update on the recent ransomware incident that impacted the company’s information technology (IT) and operational technology (OT) systems.

Malicious actors have been abusing Plex Media Server to amplify distributed denial-of-service (DDoS) attacks, according to application and network performance management company Netscout.

Industrial cybersecurity firm OTORIO this week announced the availability of a new open source tool designed to help organizations secure their GE CIMPLICITY systems.

Google this week said it paid out more than $6.7 million in rewards as part of its bug bounty programs in 2020.

In response to speculation that its services may have been leveraged as an initial entry point by the hackers who breached IT management firm SolarWinds, Microsoft said on Thursday there was no evidence to back those claims.