Container and cloud-native application security provider Aqua Security warns that the existence of private NPM packages can be disclosed by performing timing attacks.
Timing Attacks Can Be Used to Check for Existence of Private NPM Packages
IronVest Emerges From Stealth Mode With $23 Million in Seed Funding
Biometric authentication provider IronVest this week has emerged from stealth mode with $23 million in seed funding.
The investment round was led by Accomplice, with participation from Joule Ventures, OurCrowd, Trust Ventures, Ulysses, and several angel investors.
New ‘Alchimist’ Attack Framework Targets Windows, Linux, macOS
Cisco’s Talos security researchers warn of a newly identified attack framework and its associated remote access trojan (RAT) targeting Windows, Linux, and macOS systems.
Seven ‘Creepy’ Backdoors Used by Lebanese Cyberspy Group in Israel Attacks
ESET has published an analysis of the seven backdoors that Lebanese advanced persistent threat (APT) actor Polonium has been using since September 2021 in attacks targeting Israeli organizations.
BAE Releases New Cybersecurity System for F-16 Fighter Aircraft
Defense giant BAE Systems has unveiled Viper Memory Loader Verifier II (MLV II), a system whose role is to protect F-16 fighter aircraft against potential cyberattacks.
MLV II is the second version of a maintenance capability that should “reduce vulnerability to cyberattacks for F-16 aircraft”.
PoC Published for Fortinet Vulnerability as Mass Exploitation Attempts Begin
Details and a proof-of-concept (PoC) exploit have been published for the recent Fortinet vulnerability tracked as CVE-2022-40684, just as cybersecurity firms are seeing what appears to be the start of mass exploitation attempts.
Austria’s Kurz Sets up Cyber Firm With Ex-NSO Chief
Former Austrian chancellor Sebastian Kurz said Thursday he is launching a cybersecurity company with the ex-head of Israel’s NSO Group, which makes controversial Pegasus spyware.
DataGrail Raises $45 Million for Data Privacy Platform
Data privacy platform DataGrail this week announced that it has raised $45 million in a Series C funding round that brings the total raised by the company to $84.2 million.
Mirai Botnet Launched 2.5 Tbps DDoS Attack Against Minecraft Server
A Mirai botnet variant has launched a distributed denial-of-service (DDoS) attack that peaked at 2.5 terabytes per second (Tbps), according to Cloudflare, which described it as the largest attack it has seen in terms of bitrate.
New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers
A newly identified cyberespionage group operating out of China has been targeting IT services providers and telecommunications companies with signed malware.
