Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the flaw in the wild.
Fortinet Ships Emergency Patch for Already-Exploited VPN Flaw
Proofpoint Buys Deception Tech Startup Illusive Networks
Enterprise security vendor Proofpoint on Monday announced plans to acquire Illusive Networks, a startup that helped pioneer deception technology to help detect data breaches. Financial terms of the planned acquisition were not disclosed.
Google Documents IE Browser Zero-Day Exploited by North Korean Hackers
Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.
Big Tech Vendors Object to US Gov SBOM Mandate
The U.S. government’s mandates around the creation and delivery of SBOMs (software bill of materials) to help mitigate supply chain attacks has run into strong objections from big-name technology vendors.
Investors Pour $200M Into Compliance Automation Startup Drata
High-flying security compliance and automation startup Drata continues to attract major venture capital investor interest, banking $200 million in Series C funding that values the company north of $2 billion.
Three Ways to Improve Defense Readiness Using MITRE D3FEND
Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations improve their defensive cybersecurity posture.
Balance Theory Scores Seed Funding for Secure Workspace Collaboration
Balance Theory, a seed-stage startup working on technology to help security teams collaborate and manage data flows securely, has closed a $3 million funding round.
The Columbia, Maryland-based Balance Theory said the early-stage investment was led by DataTribe with participation from TEDCO.
Investors Double Down on Pangea Cyber API Security Bet
Pangea Cyber, an early stage startup working on technology in the API security services space, has banked $26 million in a new funding round led by Google Ventures.
One Year Later: Log4Shell Remediation Slow, Painful Slog
Almost exactly a year after the Log4Shell security crisis sent defenders scrambling to reduce attack surfaces, new data shows that remediation has been a long, slow, painful slog for most organizations around the world.
Investors Bet $31 Million on Sphere for Identity Hygiene Tech
Venture capital investors have invested another $31 million into Sphere Technology Solutions, a New Jersey startup building technology to help defenders manage identities and access to sensitive data.
