A known threat actor has launched what appears to be the first Chinese hacking attempts targeting Ukraine digital assets since the Russian invasion a month ago.
Chinese Hackers Seen Targeting Ukraine Post-Invasion
North Korea Gov Hackers Caught Sharing Chrome Zero-Day
Malware hunters at Google have spotted signs that North Korean government hackers are sharing zero-day browser exploits for use in waves of targeted attacks hitting U.S. news media, crypto-banks and IT organizations.
Ransomware, Malware-as-a-Service Dominate Threat Landscape
Ransomware continues to expand with double-extortion now the standard; the malware-as-a-service model is now common; and criminals are increasingly ‘living off the land’, according to data from Red Canary.
‘Serpent’ Backdoor Used in Malware Attacks on French Entities
French organizations in the construction, government, and real estate sectors have been targeted with a new backdoor in a string of malware attacks, according to a warning from Proofpoint.
Todyl Banks $28M Series A Investment
Security and networking platform start-up Todyl on Thursday announced the closing of a $28 million Series A funding round.
The new investment round was led by Anthos Capital with participation from previous investors Blu Ventures, StoneMill Ventures, and Tech Operators.
Software Supply Chain Weakness: Snyk Warns of ‘Deliberate Sabotage’ of NPM Ecosystem
Software supply chain security fears escalated again this week with the discovery of what’s being described as “deliberate sabotage” of code in the open-source npm package manager ecosystem.
Patch Tuesday: Microsoft Fixes Multiple Code Execution Flaws
Microsoft’s Patch Tuesday bundle for this month is a big one: 74 documented vulnerabilities in multiple Windows products and components, some serious enough to lead to remote code execution attacks.
BastionZero Raises $6M Seed for Secure Remote Access Tech
BastionZero, a provider of remote access to backend infrastructure, has raised $6 million in seed investment.
The funding round was led by Dell Technologies Capital, with added investments from participation from Akamai and DG Lab Fund (Japan).
NVIDIA Confirms Employee Credentials Stolen in Cyberattack
NVIDIA this week acknowledged that employee credentials were stolen during a cyberattack on February 23 and confirmed the attackers have started leaking the information online.
The compromise occured on February 23 and impacted certain “IT resources,” an NVIDIA spokesperson told SecurityWeek.
Cyberattacks in Ukraine: New Worm-Spreading Data-Wiper With Ransomware Smokescreen
Cybersecurity researchers tracking destructive data-wiping malware attacks in Ukraine are finding signs of new malware with worm-spreading capabilities and what appears to be a rudimentary ransomware decoy.
