The U.S. Treasury Department on Friday slapped a fresh round of sanctions against entities in Iran for engaging in destructive cyberattacks against critical infrastructure targets in allied NATO countries.
Microsoft Dives Into Iranian Ransomware APT Attacks
Microsoft has published an analysis of the ransomware attacks associated with a subgroup of the Iran-linked advanced persistent threat (APT) actor Phosphorus.
Microsoft: Multiple Iranian Groups Conducted Cyberattack on Albanian Government
Multiple Iranian hacking groups participated in a recent cyberattack targeting the Albanian government, according to new data from Microsoft’s security research and response teams.
US Gov Issues Guidance for Developers to Secure Software Supply Chain
Three U.S. government agencies — Cybersecurity and Information Security Agency (CISA), the National Security Agency (NAS) and the Office of the Director of National Intelligence (ODNI) — have announced the release of the first part of a three-part joint guidance on securing the software supply chain.
Huntress Scores $40M Funding, Plans International Expansion
Managed detection and response (MDR) platform provider Huntress on Thursday announced the closing of a $40 million debt financing round to speed up global expansion plans.
The latest funding was led by CIBC Innovation Banking and brings the total raised by the Maryland start-up to $100 million.
Data Security Company Open Raven Raises $20 Million
Data security firm Open Raven today announced that it has raised $20 million in a Series B funding round that brings the total amount raised by the company to $40 million.
Cybersecurity M&A Roundup: 41 Deals Announced in August 2022
Forty-one cybersecurity-related M&A deals were announced in August 2022.
Cymulate Closes $70M Series D Funding Round
Cymulate, a late-stage Israeli startup in the breach and attack simulation space, has closed a $70 million Series D funding round led by existing investor One Peak.
Zyxel Patches Critical Vulnerability in NAS Firmware
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Hardcoded AWS Credentials in 1,800 Mobile Apps Highlight Supply Chain Issues
Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with poor security practices.
While Symantec’s threat hunting team has looked at both Android and iOS apps, nearly all of the applications containing hardcoded credentials were developed for iOS.