SecurityWeek

The creators of the Mooltipass hardware password manager have unveiled the Mooltipass Mini BLE, a Bluetooth-enabled version of the device that includes many new and useful features.

Digital banking service Dave announced over the weekend that user data was compromised in a third-party security incident.

The Federal Bureau of Investigation has issued an alert to inform organizations in the United States of the risk associated with the use of Chinese tax software.

Australia’s consumer watchdog launched court action against Google on Monday alleging the technology giant misled account holders about its use of their personal data.The Australian Competition and Consumer Commission’s action in the Federal Court is the latest litigation Google has faced around the world over allegations of privacy breaches.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday to warn organizations about the risk posed by a recently patched vulnerability affecting F5 Networks’ BIG-IP application delivery controller (ADC).

Microsoft announced last week that it has added scenario-based rewards to the Windows Insider Preview (WIP) Bounty Program, with a top bounty of $100,000.

US officials and scientists have begun laying the groundwork for a more secure "virtually unhackable" internet based on quantum computing technology.

Computer networks of smartwatch and electronics firm Garmin were offline Friday in an incident which raised concerns of a ransomware attack affecting both its aviation and fitness app services.

CalypsoAI, a California-based company that specializes in artificial intelligence and machine learning cybersecurity, announced this week that it has raised $13 million in a Series A funding round.

Twitter says an elected Dutch official was among 36 account holders whose direct message inboxes were accessed in a recent high-profile hack.

The U.S. National Security Agency and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint alert urging critical infrastructure operators to take immediate measures to reduce the exposure of operational technology (OT) systems to cyberattacks.

Chinese drone giant Da Jiang Innovations (DJI) on Thursday responded to the disclosure of security issues discovered by researchers in one of its Android applications.

A genealogy website used to catch one of California’s most wanted serial killers remained shut down Thursday after a security breach exposed the DNA profiles of more than a million people to law enforcement agencies.

Cisco this week informed customers that it has patched a high-severity path traversal vulnerability in its firewalls that can be exploited remotely to obtain potentially sensitive files from the targeted system. The first attempts to exploit the flaw were observed shortly after disclosure.

Cloud communications platform as a service (CPaaS) company Twilio this week disclosed a security incident that resulted in hackers uploading a modified version of the TaskRouter JS SDK to its site.The incident happened on July 19 and was discovered several hours later, with the modified file being replaced within an hour.

CyCognito, a company that focuses on identifying and eliminating shadow risks in business environments, has closed a $30 million Series B funding round. To date, the company raised $53 million.

Apple this week kicked off another initiative meant to improve the security of iPhones, by offering hackable phones to security researchers.

Facebook on Wednesday unveiled new privacy and security features for its Messenger application.

The global pandemic has highlighted the importance of being prepared for the unexpected. Opportunistic attackers are taking advantage of rapidly changing work environments and stretched security teams to launch a surge in attacks. While there was no way to fully anticipate the impact to our organizations and be prepared from day-one with a detailed plan, there is a lot we can learn to strengthen our resilience to emerging threats. 

Kaspersky’s security researchers have identified a multi-platform malware framework that they believe North Korea-linked hackers have been leveraging in attacks over the past couple of years.