SecurityWeek

ESET’s security researchers have discovered yet another piece of malware that Russian cyber-espionage group Turla has been using in its attacks.

Like many markets in technology, the fraud detection and prevention category is a crowded one. With different types of solutions approaching the fraud problem space from different angles, it’s worth asking the question: What problem or problems are we actually trying to solve with this class of solutions?  To my knowledge, enterprises are most often interested in reducing fraud losses.

Threat actors are targeting an Oracle WebLogic flaw patched last month in an attempt to install a piece of malware named DarkIRC on vulnerable systems.

UK-based cybersecurity company Glasswall this week announced that it has raised £18 million ($24 million) in equity capital, which it will use to fund its expansion.The funding round was led by IPGL, with participation from Lord Rose, chairman of Ocado, Lance Uggla, chairman and CEO of IHS Markit, and Andy Bell, founder and CEO of AJ Bell.

Container security company Prevasio has analyzed 4 million public Docker container images hosted on Docker Hub and found that over half of them had critical vulnerabilities and thousands of images included malicious or potentially harmful elements.

Google Details iPhone Zero-Click Exploit Allowing Theft of User Data, Including Photos, Emails

Threat actors are continuously targeting United States think tanks, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warn.

Threat intelligence provider EclecticIQ on Tuesday announced that it has closed a €20 million ($24 million) Series C financing round, which brings the total raised by the company to €47 million ($56 million).

Vulnerabilities discovered by researchers in Rockwell Automation’s FactoryTalk Linx product can allow attackers to compromise engineering workstations in industrial environments.

Cybercriminals have been observed targeting a recently disclosed vulnerability in the GO SMS Pro messaging application to steal user data.

School continues to be out for more than 100,000 students in Baltimore County following a ransomware attack on the district’s network.

Brazilian airplane maker Embraer on Monday disclosed a cyberattack that, according to some reports, involved ransomware.

A nation-state threat actor was observed using cryptocurrency miners to avoid attracting too much attention and establish persistence in targeted networks, Microsoft reported on Monday.

A North Carolina man was sentenced to 95 months in federal prison for his involvement in multiple cyber and swatting attacks.

Online learning solutions provider K12 Inc., which recently announced changing its name to Stride Inc., said on Monday that it had decided to pay a ransom to cybercriminals who managed to breach its systems and deploy a piece of ransomware.

Threat actors could target DNA researchers with malware in an effort to modify synthetic DNA orders and create pathogens or toxins, researchers warn.

Wireless carriers in the U.K. won’t be allowed to install Huawei equipment in their high-speed 5G networks after September 2021, the British government said Monday, hardening its line against the Chinese technology company.

The WebKit browser engine is affected by several vulnerabilities, including ones that can be exploited for remote code execution by convincing the targeted user to visit a malicious website.WebKit is an open source engine that has been used by Safari and other Apple products, as well as many other apps for macOS, iOS and Linux.

Reduce Your Risk by Practicing “Cyber Distancing”