The exploit acquisition firm Zerodium this week showed increased interest in buying zero-day exploits targeting the popular email clients Microsoft Outlook and Mozilla Thunderbird.
Zerodium Offering $400,000 for Microsoft Outlook Zero-Day Exploits
Identity Verification Firm Veriff Raises $100 Million
Veriff, a provider of automated identity verification technology, announced this week that it has raised $100 million in a Series C funding round, bringing the total amount raised by the company to $200 million.
HackerOne Bags $49 Million in Series E Funding
Hacker-powered bug bounty platform HackerOne on Thursday announced that it has received $49 million in Series E investment, which brings the total raised by the company to $160 million.
The funding round was led by GP Bullhound and received participation from Benchmark, Dragoneer Investment Group, NEA, and Valor Equity Partners.
FBI Warns of Hacker Attacks Conducted by Iranian Cyber Firm
The FBI this week issued a private industry notification to warn organizations about the malicious activities conducted by an Iranian cyber company named Emennet Pasargad.
The agency has described their tactics, techniques and procedures (TTPs) and it has shared several recommendations for preventing and detecting attacks.
Xerox Quietly Patched Device-Bricking Flaw Affecting Some Printers
Xerox patched a device-bricking vulnerability in certain printer models more than a year and a half ago, but said nothing until this week, when information on the bug became public.
Web-Tracking ‘Cookies’ Meant to Protect Privacy: Inventor
The data-tracking “cookies” at the heart of concerns over online privacy were meant to shield people, rather than serve as cyber snoops, their inventor told AFP.
California-based engineer and entrepreneur Lou Montulli said the original “cookie” he created decades ago was intended to make life online easier by letting websites remember visitors.
Over 100 Million Android Users Installed ‘Dark Herring’ Scamware
More than 105 million Android users downloaded and installed scamware from Google Play and third-party app stores, according to mobile security firm Zimperium.
Outlook Security Feature Bypass Allowed Sending Malicious Links
A Trustwave researcher has discovered a new technique to completely bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient.
The new technique, Trustwave SpiderLabs lead threat architect Reegun Richard Jayapaul explains, is a variation of a vulnerability that was initially addressed in February 2020.
Attack Surface Management Play Censys Scores $35M Investment
The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion.
French Ministry of Justice Targeted in Ransomware Attack
Cybercriminals claim to have breached systems belonging to France’s Ministry of Justice and they are threatening to make public the files stolen from the government organization.
