Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets.
Cyber Defenders Should Prepare for Holiday Ransomware Attacks
High days and holidays are prime time for ransomware. This should come as no surprise to anyone – but many companies remain surprisingly unaware or at least unprepared.
New ETW Attacks Can Allow Hackers to ‘Blind’ Security Products
Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW).
MDR Company Expel Raises $140 Million at Unicorn Valuation
Managed detection and response (MDR) provider Expel on Thursday announced raising $140.3 million in a Series E funding round.
Founded in 2016, the company has raised nearly $258 million in total and it’s now valued at more than $1 billion, earning it “unicorn” status.
Israel Defence Minister’s Cleaner Charged With Spying for Iran
A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran.
Cloud Security Firm Lacework Raises Record-Breaking $1.3 Billion
Microsoft Informs Users of High-Severity Vulnerability in Azure AD
Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD).
FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability
The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021.
Solving the Right to be Forgotten Problem
The Right to be Forgotten (technically the right to erasure or for users to have personal data removed from service providers’ records) creates a big problem for suppliers. This right is becoming standard across the new global wave of data protection and consumer privacy legislation that has followed GDPR.
Cloud Data Protection Startup Laminar Closes $32M Funding Round
Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments.
The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated.