Microsoft has published an analysis of the ransomware attacks associated with a subgroup of the Iran-linked advanced persistent threat (APT) actor Phosphorus.
Microsoft: Multiple Iranian Groups Conducted Cyberattack on Albanian Government
Multiple Iranian hacking groups participated in a recent cyberattack targeting the Albanian government, according to new data from Microsoft’s security research and response teams.
US Gov Issues Guidance for Developers to Secure Software Supply Chain
Three U.S. government agencies — Cybersecurity and Information Security Agency (CISA), the National Security Agency (NAS) and the Office of the Director of National Intelligence (ODNI) — have announced the release of the first part of a three-part joint guidance on securing the software supply chain.
Huntress Scores $40M Funding, Plans International Expansion
Managed detection and response (MDR) platform provider Huntress on Thursday announced the closing of a $40 million debt financing round to speed up global expansion plans.
The latest funding was led by CIBC Innovation Banking and brings the total raised by the Maryland start-up to $100 million.
Data Security Company Open Raven Raises $20 Million
Data security firm Open Raven today announced that it has raised $20 million in a Series B funding round that brings the total amount raised by the company to $40 million.
Cybersecurity M&A Roundup: 41 Deals Announced in August 2022
Forty-one cybersecurity-related M&A deals were announced in August 2022.
Cymulate Closes $70M Series D Funding Round
Cymulate, a late-stage Israeli startup in the breach and attack simulation space, has closed a $70 million Series D funding round led by existing investor One Peak.
Zyxel Patches Critical Vulnerability in NAS Firmware
Networking solutions provider Zyxel has released patches for a critical-severity vulnerability impacting the firmware of multiple network attached storage (NAS) device models.
Academics Devise Open Source Tool For Hunting Node.js Security Flaws
A group of academic researchers have designed an open source Node.js bug hunting tool that has already identified 180 security vulnerabilities.
Atlassian Ships Urgent Patch for Critical Bitbucket Vulnerability
Atlassian’s security response team has issued an urgent advisory to warn of a critical command injection flaw in its Bitbucket Server and Data Center product.
The vulnerability carries a CVSS severity score of 9.9 out of 10 and can be exploited remotely to launch code execution attacks, Atlassian said.