Private equity firm Thoma Bravo announced on Tuesday that it has entered a definitive agreement to acquire identity and access management (IAM) solutions provider ForgeRock (NYSE: FORG) for $2.3 billion in cash.
Industrial giants Siemens and Schneider Electric have released a total of 19 security advisories for the October 2022 Patch Tuesday. The advisories cover 36 vulnerabilities affecting their ICS products.
Siemens
Microsoft on Tuesday released software fixes to address more than 90 security defects affecting products in the Windows ecosystem and warned that one of the vulnerabilities was already being exploited as zero-day in the wild.
Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs to take complete control of vulnerable machines.
Researchers have demonstrated that threat actors could obtain global private keys that protect some of Siemens’ industrial devices, and the vendor says it cannot rule out malicious exploitation in the future.
Identity threat detection and response (ITDR) startup Oort announced that it has raised $15 million in Seed and Series A funding, which brings the total investment in the company to $18.1 million.
The funding round – which included $3.5 million Seed and $11.5 million Series A investments – was co-led by .406 Ventures and Energy Impact Partners (EIP).
A cybercrime group named LofyGang has distributed roughly 200 malicious NPM packages that have been downloaded thousands of times over the past year, according to Checkmarx.
Intel has confirmed that some of its UEFI source code has been leaked, and while some security experts believe the incident could have serious implications the chipmaker says it’s not concerned.
Japanese car manufacturer Toyota has disclosed a security incident that involved source code hosted on GitHub and which may have resulted in unauthorized access to roughly 300,000 customer email addresses.
Fortinet has confirmed that the critical vulnerability whose existence came to light last week is a zero-day flaw that has been exploited in at least one attack.
Privacy Settings
This website uses cookies to improve your experience while you navigate through the website.
