The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has added former DNC security chief Bob Lord to its roster of technical advisors.
Former DNC CISO Bob Lord Joins CISA Cybersecurity Division
Strike Security Scores Funding for ‘Perpetual Pentesting’ for SMBs
South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business.
Google, Mandiant Share Data on Record Pace of Zero-Day Discoveries
Google and Mandiant separately called attention to a dramatic surge in the discovery of in-the-wild zero-day attacks and warned that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace.
Okta Closes Lapsus$ Breach Probe, Adds New Security Controls
Identity and access management tech firm Okta says it has concluded an investigation into the embarrassing Lapsus$ hacking incident and has severed ties with a third-party company at the center of the breach.
SeeMetrics Raises $6M for Portfolio Management Platform
An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations.
Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops
Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
Webex Monitors Microphone Even When Muted, Researchers Say
Cisco’s enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user’s microphone is muted in the software, according to warning from a group of academic researchers.
FBI Warns of ‘Reverse’ Instant Payments Phishing Schemes
The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals.
OHSU Apologizes After Phishing Test Draws Complaints
Officials at Oregon Health & Science University have apologized to employees after a fake phishing test drew complaints about raising false hopes.
North Korea APT Lazarus Targeting Chemical Sector
Threat hunters at Symantec have spotted signs that North Korea’s Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering.
