The team behind the open source PrestaShop ecommerce platform has issued a public advisory to warn of zero day SQL injection attacks hitting merchant servers and planting code capable of stealing customer payment information.
SonicWall Warns of Critical GMS SQL Injection Vulnerability
Network security appliance vendor SonicWall late Thursday shipped urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the issue exposes businesses to remote hacker attacks.
Anvilogic Scores $25 Million Series B to Tackle SOC Modernization
Anvilogic, a Silicon Valley startup working on technology to modernize the Security Operations Center (SOC), has deposited $25 million in a new investment round led by Outpost Ventures.
Apple Ships Urgent Security Patches for macOS, iOS
It’s a very busy Patch Wednesday for computer users running Apple’s flagship macOS and iOS devices.
Apple’s security response team has pushed out software fixes for at least 39 software vulnerabilities haunting the macOS Catalina, iOS and iPadOS platforms.
Push Security Banks $4 Million Seed Funding
Push Security, a British startup building technology to help defenders manage cloud software sprawl and shadow IT, has banked $4 million in early-stage venture capital funding.
Huntress Acquires Security Awareness Training Startup Curricula for $22M
Managed detection and response (MDR) platform provider Huntress has shelled out $22 million to acquire Curricula, a startup in the growing security awareness business.
Huntress, based in Ellicott City, Maryland, said the deal adds a fun, story-based security awareness training platform to its stable of cybersecurity offerings.
Moussouris: U.S. Should Resist Urge to Match China Vuln Reporting Mandate
A prominent cybersecurity executive is calling on the U.S. government to resist the urge to match China’s reported mandates around early vulnerability disclosure, warning that such a move would “meaningfully and dramatically increase the risk” of zero-day flaws landing in the wrong hands.
Bishop Fox Lands $75 Million Series B Funding
Arizona-based Bishop Fox raised a massive funding round as venture capital investors continue to bet big on the continuous attack surface management category
Microsoft Releases Open Source Toolkit for Generating SBOMs
Software giant Microsoft has open-sourced its internal tool for generating SBOMs (software bill of materials) as part of a move to help organizations be more transparent about supply chain relationships between components used when building a software product.
Microsoft Patch Tuesday: 84 Windows Vulns, Including Already-Exploited Zero-Day
Microsoft has issued an urgent Patch Tuesday bulletin to warn of in-the-wild zero-day exploitation of a privilege escalation flaw in the Windows operating system.
