Wultra Raises €3 Million for Post-Quantum Authentication
Authentication solutions startup Wultra on Wednesday announced raising €3 million (~$3.1 million) in seed funding for its post-quantum technology. Tensor Ventures, Elevator Ventures, and J&T Ventures participated in the investment round. Founded in 2014, the Praha, Czech Republic-based startup provides banks and fintech companies with post-quantum authentication that provides secure and seamless access to digital […]
Read More
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy
California-based cannabis brand Stiiizy is notifying 380,000 individuals that their personal information was compromised in a data breach at one of its vendors. According to Stiiizy, it discovered the incident in late November, after the vendor notified it of a cyber intrusion, but the attackers had access to compromised systems for roughly a month. “On […]
Read More
North Korean Hackers Targeting Freelance Software Developers
North Korean hackers are targeting the software supply chain in a new campaign aimed at developers looking for freelance Web3 and cryptocurrency work, cybersecurity firm SecurityScorecard reports. Dubbed Operation 99 and attributed to the infamous Lazarus Group, the campaign represents an upgrade to previously observed Operation Dream Job attacks, luring developers to clone a malicious […]
Read More
Cyber Insights 2025: Identities
SecurityWeek’s Cyber Insights 2025 examines expert opinions on the expected evolution of more than a dozen areas of cybersecurity interest over the next 12 months. We spoke to hundreds of individual experts to gain their expert opinions. Here we discuss what to expect with Identities. Identities, both human and machine, occupy a unique position: they […]
Read More
Biden Executive Order Aims to Shore Up US Cyber Defenses
President Joe Biden issued an executive order on Thursday aimed at strengthening the nation’s cybersecurity and making it easier to go after foreign adversaries or hacking groups that try to compromise US internet and telecommunication systems. Provisions in the order call for the development of minimum cybersecurity standards for government technology contractors and require that […]
Read More
Data From 15,000 Fortinet Firewalls Leaked by Hackers
A hacker group has leaked data associated with roughly 15,000 Fortinet firewalls and an analysis has shown that it was likely obtained back in 2022 through the exploitation of a vulnerability. The hackers who leaked the data are calling themselves Belsen Group and they claim this is their “first official operation”. They announced on January […]
Read More
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records
In 2024, organizations informed the US government about more than 580 healthcare data breaches affecting a total of nearly 180 million user records. SecurityWeek has conducted an analysis of the healthcare breach database maintained by the US Department of Health and Human Services Office for Civil Rights (HHS OCR), which stores information on incidents impacting […]
Read More
Head of US Cybersecurity Agency Says She Hopes It Keeps up Election Work Under Trump
Jen Easterly, the outgoing head of the U.S. government’s Cybersecurity and Infrastructure Security Agency, said Wednesday she hopes her agency is allowed to continue its election-related work under new leadership despite “contentiousness” around that part of its mission. “I really, really hope that we can continue to support those state and local election officials,” she […]
Read More
FBI Uses Malware’s Own ‘Self-Delete’ Trick to Erase Chinese PlugX From US Computers
The FBI, working in tandem with law enforcement authorities in France, have turned the PlugX malware’s own self-delete mechanism against it, erasing the China-linked remote access trojan from more than 4,200 infected computers in the United States. Using court-approved access to a command-and-control (C2) server, investigators sent self-delete commands embedded within the malware’s functionality, wiping […]
Read More
DORA’s Deadline Looms: Navigating the EU’s Mandate for Threat Led Penetration Testing
The International Monetary Fund estimates that in the past two decades, nearly one-fifth of reported cyber incidents have affected the global financial sector, causing $12 billion in direct losses to financial firms. Not only has the EU taken notice, but it is also on the verge of taking action. With January 17, 2025 as the […]
Read More