Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations.
Researchers Devise New Type of Bluetooth LE Relay Attacks
Iran-Linked OilRig APT Caught Using New Backdoor
The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan’s foreign ministry, according to new research published this week.
Critical Vulnerability Allows Remote Hacking of Zyxel Firewalls
Thousands of Zyxel firewalls could be vulnerable to remote attacks due to a vulnerability discovered recently by cybersecurity firm Rapid7. The vendor was quick to release a patch, but it did not immediately inform customers about it.
Zero Trust Firm Xage Security Adds $6 Million ‘Top-up’ to $30 Million Series B Funding
Palo Alto, Calif-based firm Xage has raised a $6 million top-up to the $30 million Series B funding it secured in January 2022. The new financing comes from SCF Partners, an investor in energy and critical infrastructure services, and Overture Venture Capital, which specializes in startups in government, energy and climate.
Patch Tuesday: Microsoft Warns of New Zero-Day Being Exploited
Microsoft on Tuesday released critical software updates to fix at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks.
Adobe Warns of ‘Critical’ Security Flaws in Enterprise Products
Software maker Adobe on Tuesday shipped patches to cover at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems are at risk of remote code execution attacks.
YL Ventures Closes $400 Million Cybersecurity Investment Fund
Israeli venture capital outfit plans to invest in seed-stage rounds of approximately 10 cybersecurity startups at a pace of 3 startups per year
Microsoft Flexes Security Vendor Muscles With Managed Services
GitHub Announces Mandatory 2FA for Code Contributors
Code hosting platform GitHub on Wednesday said it would make it mandatory for software developers to use at least one form of two-factor authentication (2FA) by the end of 2023.
US Gov Issues Security Memo on Quantum Computing Risks
National security memo warns that a quantum computing could jeopardize civilian and military communications, and defeat security protocols for most Internet-based financial transactions
