Chinese Government Punishes Alibaba for Not Telling It First About Log4Shell Flaw: Report
China’s Ministry of Industry and Information Technology (MIIT) said it will temporarily suspend its collaboration with Alibaba Cloud as a cyber threat intelligence partner due to the fact that the company did not inform the government first about the discovery of the Log4Shell vulnerability, according to local media reports.
Authorization and IAM Company PlainID Raises $75 Million in Series C Funding
PlainID, a provider of authorization and identity and access management (IAM) solutions, today announced that it has raised $75 million in Series C funding, which brings the total raised to $96 million.
No-Code Security Automation Company ContraForce Emerges From Stealth
McKinney, Texas-based security automation and compliance solutions provider ContraForce on Tuesday announced emerging from stealth mode with $2 million in seed funding from cyber foundry DataTribe.
ZeroFox to Go Public in $1.4 Billion SPAC Deal
Social media threat protection firm ZeroFox, announced on Monday that it would acquire incident response services firm IDX and become a publicly traded company via Merger with L&F Acquisition Corp.
Cybersecurity M&A Roundup for December 13-19, 2021
U.S. Government Launches ‘Hack DHS’ Bug Bounty Program
The United States Department of Homeland Security (DHS) this week announced the launch of a bug bounty program focused on identifying vulnerabilities in its systems.
Industry Reactions to Log4Shell Vulnerability
The widely used Log4j logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including profit-driven cybercriminals and state-sponsored groups.
Facebook Will Reward Researchers for Reporting Scraping Bugs
Facebook Paid Out $2.3 Million in Bug Bounties in 2021
Social media giant Facebook today announced that it is expanding its bug bounty and data bounty programs to reward security researchers for reporting scraping vulnerabilities and databases.
CISA Calls for Improved Critical Infrastructure Security
The United States Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday called on critical infrastructure owners and operators to improve their security stance against malicious cyberattacks.
