SecurityWeek

The Office of the Washington State Auditor (SAO) has disclosed a cybersecurity incident in which the personal information of more than 1 million individuals might have been stolen.

SonicWall on Monday confirmed that its Secure Mobile Access (SMA) 100 series appliances are affected by a zero-day vulnerability that has apparently already been exploited in attacks.

Apple this week released security updates to address multiple vulnerabilities in macOS and Safari, including a flaw that can be exploited for the recently disclosed NAT Slipstreaming 2.0 attack.

Researchers at cybersecurity firm ESET say they have uncovered an espionage campaign that has targeted online gamers in Asia through a compromised software company.

Several U.S. lawmakers sent a letter to the National Security Agency last week in an effort to find out more about its role in the backdoor discovered in Juniper Networks products back in 2015, as well as the steps taken by the agency following the Juniper incident, and why those steps failed to prevent the recent SolarWinds hack.

Two French citizens and a Moroccan went on trial in Paris on Monday charged with planning attacks after their cyber network was successfully infiltrated by a French intelligence agent posing as a jihadist.

The cybercriminals behind the Fonix ransomware have announced plans to shut down their activity, and have already released the master decryption key for the malware.

Collaboration is a Hallmark of Successful Security Teams

Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he’ll handle the logistics of the case could feel old school: Under new court rules, he’ll have to print out any highly sensitive documents and hand-deliver them to the courthouse.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) says many of the victims of the threat group that targeted Texas-based IT management firm SolarWinds were not directly linked to SolarWinds.

Cloud data protection provider OwnBackup has completed a $167.5 million Series D funding round, which helped it reach “unicorn” status, at a valuation close to $1.4 billion. To date, the company has raised a total of more than $267.5 million in funding.

The Perl.com domain, which since 1997 had been serving articles about Perl programming, was hijacked last week.Managed by The Perl Foundation, the site had David Farrell as editor, but received contributions for numerous Perl programming language enthusiasts, including Brian Foy, who also authored several books on Perl.

Mission Secure, a provider of visibility and cybersecurity solutions for industrial environments, announced this week that it has closed a Series B financing round in the amount of $5.6 million. 

Chicago-based wireless carrier UScellular started informing customers last week that their personal information may have been accessed and their phone numbers ported as a result of a cybersecurity breach.

The Covid-19 pandemic has been raging for nearly a year now.  With the pandemic has come a tremendous amount of uncertainty.  Many of us wonder when we will be able to return to normal life, when we will be able to see family and friends, and when we might resume those everyday activities we used to take for granted.

Endpoint management and security solutions provider Tanium this week announced the sale of $150 million in common stock to Ontario Teachers’ Pension Plan Board.Ontario Teachers’ made the funding investment through its Teachers’ Innovation Platform (TIP), which is involved in late-stage venture and growth equity investments in validated technologies.

A threat actor believed to be tied to the Lebanese government has compromised hundreds of servers pertaining to organizations worldwide, while maintaining a low profile, threat intelligence firm ClearSky reveals.

Hackers Are Winning Battles, While Victims are Gaming the Notification Laws

Cybercriminals shifted away from stealing individual consumers’ information in 2020 to focus on bigger, more profitable attacks on businesses, according to a report from the Identity Theft Resource Center.