Rising Tides: Wendy Nather on Resilience, Leadership, and Building a Stronger Cybersecurity Community
When I ask around about who most consistently exemplifies strength and resilience in our industry, the answer is quite often cybersecurity industry veteran Wendy Nather. While we’ve never worked directly together, I have been so fortunate to cross paths with her often with the many different hats we have both worn in this industry. I’m […]
Read More
400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws
Hundreds of thousands of internet-accessible hosts are potentially exposed to exploits targeting the top routinely exploited vulnerabilities of 2023, VulnCheck reports. Released last week, the list of 2023’s top exploited vulnerabilities identifies 15 security defects in Apache, Atlassian, Barracuda, Citrix, Cisco, Fortinet, Microsoft, Progress, PaperCut, and Zoho products, and draws attention to 32 other bugs […]
Read More
Microsoft Disrupts ONNX Phishing Service, Names Its Operator
Microsoft on Thursday announced significantly disrupting the ONNX phishing service and made public the name of an Egyptian man who allegedly runs it. According to the tech giant, an individual named Abanoub Nady (aka MRxC0DER) has developed and sold phishing kits under the ONNX brand. Nady was previously unmasked by dark web monitoring platform Dark […]
Read More
Prompt Security Raises $18 Million for Gen-AI Security Platform
Generative AI security startup Prompt Security on Wednesday announced raising $18 million in Series A funding, which brings the total raised by the company to $23 million. The new funding round was led by Jump Capital, with additional support from Hetz Ventures, Ridge Ventures, Okta, and F5. The Tel Aviv, Israel-based firm emerged from stealth […]
Read More
Thai Court Dismisses Activist’s Suit Against Israeli Spyware Producer Over Lack of Evidence
A Thai court on Thursday threw out a lawsuit brought by a pro-democracy activist which alleged spyware produced by an Israeli tech firm had been used to hack his phone. The Civil Court in Bangkok said Jatupat Boonpattararaksa had failed to show sufficient proof that his phone was infected with Pegasus spyware produced by NSO […]
Read More
Trustero Secures $10 Million in Funding to Grow AI-Powered Security and Compliance Platform
Trustero, a provider of AI-powered security and compliance solutions, announced the close of a $10.35 million Series A funding round on Thursday. Founded in 2020, Trustero’s Compliance-as-a-Service (CaaS) platform can streamline audits and leverage artificial intelligence to help organizations establish and manage regulatory compliance, including vulnerability assessment and security risk analysis. The company emerged from […]
Read More
2,000 Palo Alto Firewalls Compromised via New Vulnerabilities
The number of internet-exposed Palo Alto Networks firewalls has been dropping, but roughly 2,000 devices have already been compromised, according to the Shadowserver Foundation. Palo Alto Networks learned about a potential PAN-OS zero-day in early November and confirmed in-the-wild exploitation of a new vulnerability on November 15. On November 18, the security firm announced the […]
Read More
Wiz Buys Dazz for $450 Million
Hotshot cloud security vendor Wiz on Thursday announced a deal to acquire Dazz, adding an AI-powered cloud security remediation engine to its suite of enterprise products. Financial terms of the deal were not released but industry sources confirm the price tag is in the range of $450 million. Dazz, based in Israel, raised about $110 […]
Read More
After CrowdStrike Outage, Microsoft Debuts ‘Quick Machine Recovery’ Tool
Microsoft used the spotlight of its Ignite conference this week to introduce a new Quick Machine Recovery tool to help organizations remotely rebuild computer systems after major crises like the CrowdStrike outage earlier this year. The software maker said the feature will enable IT administrators to execute “targeted fixes” from Windows Update, even when machines […]
Read More
RSA’s Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment
The owner of the RSA Conference wants to buy a slice of every cybersecurity startup that makes it to the final of its annual Innovation Sandbox event. The conference, which is owned by Crosspoint Capital Partners, on Thursday announced it will make a $5 million investment a prerequisite for each of the 10 finalists at […]
Read More