SecurityWeek

New Zealand's central bank said Sunday it was responding with urgency to a "malicious" breach of one of its data systems, a third-party file sharing service that stored "sensitive information".

Hundreds of protesters stormed the U.S. Capitol on Wednesday just as the House and Senate were certifying the election victory of Joe Biden. While much of the focus was on the physical destruction caused by the protesters, many people have pointed out that rioters gained access to computers in the Capitol, which in some cases were still turned on and logged in, as their users were forced to quickly evacuate.

NVIDIA this week announced the release of software updates for its GPU display drivers and vGPU software, with fixes for a total of 16 vulnerabilities.

Equifax on Friday announced plans to shell out $640 million to acquire Kount, a company that sells e-commerce retail fraud protection.The Atlanta, Ga.-based Equifax said the deal would expand its worldwide footprint in digital identity and fraud prevention solutions.

Researchers have discovered vulnerabilities that expose Rockwell Automation’s FactoryTalk Linx and RSLinx Classic products to denial-of-service (DoS) attacks.

A global cyber espionage campaign has resulted in the networks of many organizations around the world becoming compromised after the attackers managed to breach the systems of Texas-based IT management and monitoring solutions provider SolarWinds. Specifically, the attackers compromised the build system for the company’s Orion monitoring product, which enabled them to deliver trojanized updates […]

SolarWinds Hires New Cybersecurity Firm Founded by Former CISA Director Chris Krebs and Alex Stamos, Former Security Chief at Yahoo and Facebook

Mozilla is strengthening the privacy protections in Firefox with the implementation of Encrypted Client Hello (ECH), an evolutionary step from Encrypted Server Name Indication (ESNI).

United States Secretary of State Mike Pompeo this week approved the creation of the Bureau of Cyberspace Security and Emerging Technologies (CSET).

Offered under a Ransomware-as-a-Service (RaaS) business model, the Egregor ransomware poses a great threat to businesses due to the use of double extortion, a recent private industry notification from the Federal Bureau of Investigation warns.

An investigation has been launched into the impact of the SolarWinds breach on the computer systems used by federal courts in the United States, which reportedly represented a target of interest to the hackers.

A prolific Russian hacker who stole data from over a dozen U.S. companies and information about over 100 million U.S. consumers was sentenced Thursday to 12 years in prison after admitting involvement in one of the biggest thefts of consumer data from a U.S. financial institution.

Red Hat on Thursday snapped up container and Kubernetes security startup StackRox, a deal that speeds up its ambitions in the enterprise cloud market.Financial terms of the deal were not announced.

F5 Networks (NASDAQ: FFIV) announced on Thursday that it has agreed to acquire Volterra, a Santa Clara, Calif.-based provider of tools that help customers deploy applications and build clouds across multiple cloud providers or their own edge locations.

Security researchers at AT&T’s Alien Labs have identified multiple malware attacks leveraging the Ezuri memory loader to execute payloads without writing them to disk. 

Virginia-based managed intelligence company Nisos announced this week that it raised $6 million in a new funding round.The investment comes from Paladin Capital Group, as well as from Columbia Capital and Skylab Capital. Nisos previously raised $6.1 million from Columbia Capital, a funding round that was announced in early 2019.

We Have the Capabilities to Persevere and Reach the Next Level of Security Maturity

Lacework, a five-year-old cybersecurity company that automates security across enterprise cloud deployments, has reached unicorn status with the closing of a $525 million round of Series D financing.

The National Security Agency (NSA) this week issued guidance for National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) cybersecurity decision makers, system admins, and network security analysts to replace obsolete versions of the Transport Layer Security (TLS) protocol.

An update released this week by Google for Chrome 87 patches 16 vulnerabilities, including 14 rated high severity. The company has awarded more than $100,000 for these vulnerabilities.