SecurityWeek

A new ransomware family packs multiple unique features, including to improve performance and give its operators the option to only target networked SMB shares, VMware-owned Carbon Black reveals.

XM Cyber, an Israel-based company that offers a cyberattack simulation platform, announced on Thursday that it raised $17 million in a Series B funding round.The latest funding round, which brings the total raised by the firm to $49 million, saw participation from Macquarie Capital, Nasdaq Ventures, Our Innovation Fund, and Swarth Group.

Several critical remote code execution vulnerabilities were addressed in Android this week with the release of the July 2020 set of security patches, including three in the media framework and system components.

More than 15 billion username and password pairs have been offered on cybercrime marketplaces, including over 5 billion unique credentials, according to a report published on Wednesday by San Francisco-based risk protection solutions provider Digital Shadows.

Chinese telecoms giant Huawei urged Britain on Wednesday not to rush into taking any costly decision to phase out its equipment from the UK's 5G network because of US sanctions.

Over the past three years, one of the groups operating under the Magecart umbrella has targeted over 570 e-commerce websites and likely made more than $7 million, threat intelligence company Gemini Advisory reports.

Over the past year, a Russian cybercrime group has launched over 200 business email compromise (BEC) campaigns targeting multinational organizations.Referred to as Cosmic Lynx, the threat actor has targeted individuals in 46 countries on six continents, nearly all of whom were employees of Fortune 500 or Global 2000 companies.

Researchers at endpoint security company SentinelOne have created a tool that enables users to recover files encrypted by the Mac malware named ThiefQuest, which poses as ransomware.

A federal judge on Tuesday rejected a challenge by internet service providers and upheld Maine’s “opt-in” web privacy law, one of the strictest in the nation.

Researchers have found a way to bypass one of the mitigations proposed by F5 Networks for the actively exploited BIG-IP vulnerability, but malicious hackers leveraged the bypass method before its public disclosure.

A harmless-looking currency converter application downloaded by more than 10,000 users from Google Play was designed to deliver the Cerberus banking Trojan.

Two weeks after a cyber-security firm released the identity of an alleged hacker from Kazakhstan, federal authorities in Seattle on Tuesday unsealed a 2018 indictment charging the man with an array of computer crimes.

Citrix informed customers on Tuesday that it has patched 11 vulnerabilities in its ADC, Gateway, and SD-WAN networking products, and highlighted that the flaws are not related to CVE-2019-19781, which has been exploited in many attacks.

Microsoft has filed a lawsuit in an effort to seize control of several domains used to launch COVID-19-themed cyberattacks against the company’s customers in 62 countries.

Recent global events have convinced us that digital transformation is here to stay and, in fact, accelerating. Companies that had already begun to embrace digital transformation were able to adapt more quickly to disruption and demonstrate greater resiliency. Now that the initial rush to support a shift to a more distributed model is behind us, we have an opportunity to pause and consider what work still needs to be done to further resiliency.

Renewable energy company EDP Renewables North America (EDPR NA) has started informing customers that its internal systems were breached by cybercriminals.

The developers of the Purple Fox exploit kit (EK) have added two new exploits to their arsenal, including one for a vulnerability addressed in February this year.

Microsoft on Monday unveiled Project Freta, a free service that allows users to find rootkits and other sophisticated malware in operating system memory snapshots.

China's ambassador to Britain on Monday warned that London faced a risk to its international reputation if it blocked Huawei from the nation's 5G network.

A Nigerian national who has more than 2.5 million followers on Instagram, where he flaunts his lavish lifestyle, was extradited from the United Arab Emirates (UAE) and appeared in court in the United States to face cybercrime-related charges.