An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations.
SeeMetrics Raises $6M for Portfolio Management Platform
Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain
Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society.
Webex Monitors Microphone Even When Muted, Researchers Say
Cisco’s enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user’s microphone is muted in the software, according to warning from a group of academic researchers.
FBI Warns of ‘Reverse’ Instant Payments Phishing Schemes
The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals.
GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens
GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens.
The incident was identified on April 12, when the code hosting platform observed suspicious activity on its npm production infrastructure.
North Korea APT Lazarus Targeting Chemical Sector
Threat hunters at Symantec have spotted signs that North Korea’s Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering.
U.S. Gov Blames North Korea Hackers for $600M Cryptocurrency Heist
The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the North Korean government.
Critical Code Execution Flaw Haunts VMware Cloud Director
Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product, warning that unpatched systems are at risk of remote code execution attacks.
VMWare Confirms Workspace One Exploits in the Wild
Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMWare is warning that one of the flaws is being exploited in the wild.
