Security – SiliconANGLE

‘Anatsa’ malware targets banking users in US, UK and Central Europe

Duncan Riley — Wed, 28 Jun 2023 00:17:47 +0000

A mobile malware campaign targeting banking apps has been observed targeting users in the U.S., the U.K. and Central Europe. Dubbed “Anatsa” by researchers at ThreatFabric B.V., the banking Trojan is distributed through malicious apps in the Google Play Store and is estimated to have had over 30,000 installations since March. Anatsa has advanced device-takeover […]

The post ‘Anatsa’ malware targets banking users in US, UK and Central Europe appeared first on SiliconANGLE.

Data stolen in hack of spyware provider LetMeSpy

Duncan Riley — Tue, 27 Jun 2023 23:39:28 +0000

LetMeSpy, a provider of spyware for mobile devices, has been hacked, resulting in the theft of data from users and the victims they spied on. The service, as the name suggests, is “stalkerware,” a form of software that can be used to spy on a mobile device. In LetMeSpy’s case, the company pitches itself as […]

The post Data stolen in hack of spyware provider LetMeSpy appeared first on SiliconANGLE.

HashiCorp acquires startup BluBracket for its secrets detection technology

Maria Deutscher — Tue, 27 Jun 2023 19:26:40 +0000

HashiCorp Inc. is buying BluBracket Inc., a venture-backed startup with software that helps developers catch and fix insecure code before it’s released. HashiCorp announced the deal today without disclosing the financial terms. BluBracket previously raised $18.5 million in funding. BluBracket provides a software platform that helps development teams find cybersecurity issues in their code. It […]

The post HashiCorp acquires startup BluBracket for its secrets detection technology appeared first on SiliconANGLE.

Cyera bags $100M to improve cloud data security with large language models

Maria Deutscher — Tue, 27 Jun 2023 17:33:41 +0000

Fast-growing data security startup Cyera US Inc. today announced that it has raised $100 million from a group of prominent backers. The investment, a Series B round, brings the total amount of capital raised by the startup since its launch to $160 million. Accel was the lead investor in the round. Sequoia, Redpoint Ventures and […]

The post Cyera bags $100M to improve cloud data security with large language models appeared first on SiliconANGLE.

Identity fraud prevention provider Socure acquires Berbix for $70M

David Strom — Tue, 27 Jun 2023 16:58:09 +0000

Socure Inc. today announced the acquisition of Berbix, an artificial intelligence-powered document verification startup, for $70 million in cash and stock. Socure has raised copious funds, with 14 different rounds, including one $450 million round in 2021, for a total of $742 million. The companies are in the middle of a trend in this market, as […]

The post Identity fraud prevention provider Socure acquires Berbix for $70M appeared first on SiliconANGLE.

Detectify launches new integrations platform to enhance security operations

Duncan Riley — Tue, 27 Jun 2023 13:00:53 +0000

External Attack Surface Management startup Detectify AB today announced a new integrations platform aimed at empowering and enhancing flexibility for security teams. The new platform opens Detectify to fast and simple integrations, allowing teams to leverage highly accurate data from its hacker-powered EASM platform into the tools of their choice without disrupting their workflows. “Hacker-powered” refers […]

The post Detectify launches new integrations platform to enhance security operations appeared first on SiliconANGLE.

Cequence Security integrates AI automation for rapid API security testing

Duncan Riley — Tue, 27 Jun 2023 13:00:45 +0000

Application programming interface security startup Cequence Security Inc. today announced new updates to its Unified API Protection Platform designed to strengthen customers’ ability to discover, manage risk and protect application programming interfaces. The release introduces enhancements that bolster the platform’s ability to safeguard APIs for organizations by streamlining security workflows and delivering actionable insights. Leading the list of […]

The post Cequence Security integrates AI automation for rapid API security testing appeared first on SiliconANGLE.

CardinalOps report finds broken rules in SIEM systems increase cyberattack risks

Duncan Riley — Tue, 27 Jun 2023 13:00:06 +0000

A new report out today from artificial intelligence-powered security engineering startup CardinalOps Ltd. reveals some disturbing insights into the state of security information and event management detection risk. The CoadinalOps third annual report on the state of SIEM detection risk analyzed real-world data from major production SIEMs such as Splunk, Microsoft Sentinel, IBM QRadar and Sumo Logic to […]

The post CardinalOps report finds broken rules in SIEM systems increase cyberattack risks appeared first on SiliconANGLE.

Bionic unveils news tools to address application security vulnerabilities

Duncan Riley — Tue, 27 Jun 2023 13:00:01 +0000

Application security posture management platform company Bionic Inc. today launched two new features to help customers understand and manage the vulnerabilities and threats to their applications more efficiently. The first release, Bionic Signals, is designed to address the increasingly complex issue of security tool sprawl. According to Gartner, 78% of chief information security officers operate with […]

The post Bionic unveils news tools to address application security vulnerabilities appeared first on SiliconANGLE.

American and Southwest Airlines pilot data breached in hack of third-party provider

Duncan Riley — Tue, 27 Jun 2023 00:25:30 +0000

Pilot data relating to American Airlines Group Inc. and Southwest Airlines Co. has been breached following the hack of a third-party provider of pilot applications and recruitment. The breach involved the compromise of a company called Pilot Credentials between April 30 and May 1, with the airlines informed on May 3. The form of attack […]

The post American and Southwest Airlines pilot data breached in hack of third-party provider appeared first on SiliconANGLE.

A hybrid future: Seamlessness across cloud storage and backup solutions

Victor Dabrinze — Mon, 26 Jun 2023 21:21:35 +0000

The future of cloud is hybrid, where it meets end users wherever they are. As companies race to embrace hybrid cloud, it falls on solutions providers to ensure seamlessness across storage, backup/recovery and compute, etc. — which are often spread across different providers. Danny Allan (pictured), chief technology officer of Veeam Software Group GmbH, weighed […]

The post A hybrid future: Seamlessness across cloud storage and backup solutions appeared first on SiliconANGLE.

Domain Name System is once again front and center for exploits and security policy

David Strom — Mon, 26 Jun 2023 16:41:58 +0000

Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way. The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND. It calls […]

The post Domain Name System is once again front and center for exploits and security policy appeared first on SiliconANGLE.

Millions of GitHub projects found vulnerable to exploit

David Strom — Fri, 23 Jun 2023 16:38:40 +0000

Thousands of open-source code repositories on GitHub could be vulnerable to an old exploit, according to a report from Aqua Security Software Ltd.’s Nautilus research team published this week. Aqua analyzed a sample of more than a million GitHub code repositories and found almost 3% were vulnerable to an attack called repojacking. The bad actors […]

The post Millions of GitHub projects found vulnerable to exploit appeared first on SiliconANGLE.

Deep Instinct uncovers new JavaScript-based malware dropper

Duncan Riley — Thu, 22 Jun 2023 23:54:52 +0000

Threat protection startup Deep Instinct Ltd.’s Threat Research Lab today provided details of a new strain of JavaScript-based dropper that delivers two forms of malware onto victims’ computers. Dubbed PindOS after a user-agent string of the same name in the code, the dropper contains comments in Russian and delivers Bumblebee and IcedID malware. Bumblebee is a malware loader […]

The post Deep Instinct uncovers new JavaScript-based malware dropper appeared first on SiliconANGLE.

UPS Canada discloses data breach following ‘smishing’ campaign

Duncan Riley — Thu, 22 Jun 2023 00:12:46 +0000

United Parcel Service Inc. has alerted Canadian customers that a data breach may have resulted in their personal information getting exposed and used in phishing attacks. The data breach news was first shared today on Twitter by threat analyst Brett Callow, who received a physical letter from UPS advising him of the data breach. The letter […]

The post UPS Canada discloses data breach following ‘smishing’ campaign appeared first on SiliconANGLE.

Orca Security teams with Google Cloud to bolster cloud workload security

Duncan Riley — Wed, 21 Jun 2023 23:32:17 +0000

Cloud cybersecurity startup Orca Security Ltd. today announced an expansion of its partnership with Google Cloud aimed at bolstering the security of cloud workloads. Under the expanded partnership, Orca Security will integrate its Orca Cloud Security platform with various Google security products, including Google Chronicle, Security Command Center and VirusTotal. The integration aims to offer a comprehensive and […]

The post Orca Security teams with Google Cloud to bolster cloud workload security appeared first on SiliconANGLE.

New Russian cyberattacks on Ukraine uncovered

David Strom — Wed, 21 Jun 2023 19:37:38 +0000

The protracted war on Ukraine has been fought on both physical and digital worlds, but after the initial forays last spring, Russian attacks on Ukrainian digital infrastructure have increased lately, according to new reports by three security analyst groups. Since the Russian invasion last spring, there have been a number of cyberattacks. Google LLC said […]

The post New Russian cyberattacks on Ukraine uncovered appeared first on SiliconANGLE.

The top five cloud cybersecurity threats – and what to do about them

David Strom — Wed, 21 Jun 2023 15:36:24 +0000

Cybersecurity threats continue to plague cloud infrastructures, and sadly these threats are still mostly the same from years’ past. But just because these threats continue doesn’t mean that cloud security, taken as a whole tapestry, isn’t as secure as on-premises equipment. That debate — which seems to have spanned a decade or more — should […]

The post The top five cloud cybersecurity threats – and what to do about them appeared first on SiliconANGLE.

Halcyon and Revelstoke integration enhances security operations team efficiency

Duncan Riley — Wed, 21 Jun 2023 13:00:54 +0000

Cybersecurity startup Halcyon Tech Inc. today announced a new integration with security orchestration, automation and response company Revelstoke Security Inc. that enables customers to make their security operations teams more efficient. The integration combines Halcyon’s prevention and resilience mechanisms and Revelstoke’s low-code SOAR capabilities to deliver cyber resilience across organizations and minimize the threat of ransomware. Revelstoke’s low-code automation, combined with the capabilities […]

The post Halcyon and Revelstoke integration enhances security operations team efficiency appeared first on SiliconANGLE.

New Noname Security release aims to help organizations ‘leave no API untested’

Duncan Riley — Wed, 21 Jun 2023 13:00:51 +0000

Enterprise application programming security startup Noname Security today announced the general availability of its Active Testing V2 service designed to help organizations “leave no API untested.” Active Testing is said to be an easy-to-use, advanced and complete application programming interface security testing solution. The new version has been designed to help industry leaders to further “shift left” […]

The post New Noname Security release aims to help organizations ‘leave no API untested’ appeared first on SiliconANGLE.

New Baffle Manager automates data protection across an enterprise

Duncan Riley — Wed, 21 Jun 2023 13:00:41 +0000

Data security platform startup Baffle Inc. today launched an updated version of its platform designed to automate data protection across an enterprise. Baffle Manager 2.0 seeks to address the issue wherein legacy application-level encryption is difficult and time-consuming to implement. With no code or application changes, Baffle cryptographically protects the data as it’s created, used and shared. […]

The post New Baffle Manager automates data protection across an enterprise appeared first on SiliconANGLE.

Kandji and Okta join forces to enhance Apple device security

Duncan Riley — Wed, 21 Jun 2023 13:00:31 +0000

Apple Inc. device management platform startup Kandji Inc. today announced a new integration with identity access management company Okta Inc. to ensure Apple devices comply with access policies before allowing access to Okta-secured software-as-a-service applications. The integration seeks to address the rise of remote working wherein “any device is the new norm” when it comes to connecting to corporate […]

The post Kandji and Okta join forces to enhance Apple device security appeared first on SiliconANGLE.

Checkmarx and Brinqa join forces for enhanced cyber risk management

Duncan Riley — Wed, 21 Jun 2023 11:14:38 +0000

Application security testing firm Checkmarx Ltd. and cybersecurity risk management firm Brinqa Inc. today announced a new strategic partnership to help organizations develop top-tier application security programs suitable for the evolving threat landscape. The partnership is aimed at addressing the increasing security risk of insecure code, which is a prominent source of data breaches. The companies argue that […]

The post Checkmarx and Brinqa join forces for enhanced cyber risk management appeared first on SiliconANGLE.

Justice Department expands cybersecurity efforts with new NatSec Cyber

Duncan Riley — Tue, 20 Jun 2023 23:01:52 +0000

The U.S. Department of Justice today announced the creation of a new litigation section that will focus on prosecuting malicious foreign cyber activity. Called the National Security Cyber Section, or NatSec Cyber for short, the new section was designed in response to the findings in Deputy Attorney General Lisa O. Monaco’s Comprehensive Cyber Review in July […]

The post Justice Department expands cybersecurity efforts with new NatSec Cyber appeared first on SiliconANGLE.

True Anomaly launches new solutions to enhance cybersecurity in space

Duncan Riley — Tue, 20 Jun 2023 13:00:47 +0000

Space security company True Anomaly Inc. has today unveiled two new solutions that provide robust environments for high-precision testing and operator training for cybersecurity in space. The new solutions, Digital Range application and On-Orbit Range, merge digital and live elements to offer a unique, comprehensive training and testing platform. The Digital Range application has been built for efficiency and […]

The post True Anomaly launches new solutions to enhance cybersecurity in space appeared first on SiliconANGLE.

Bitdefender warns of new exfiltration malware targeting remote desktop protocol workloads

Duncan Riley — Tue, 20 Jun 2023 13:00:42 +0000

Researchers at S.C. Bitdefender SRL today warned of new custom malware actively targeting remote desktop protocol clients to steal data. First noticed in its use as part of a state-sponsored East Asian espionage operation called RedClouds, the server-side implant, dubbed “RDStealer,” monitors RDP connections with client drive mapping enabled, infecting connecting RDP clients with a Logutil backdoor and exfiltrating […]

The post Bitdefender warns of new exfiltration malware targeting remote desktop protocol workloads appeared first on SiliconANGLE.

AI meets email security: Ironscales launches ‘Themis Co-pilot’ beta

Duncan Riley — Tue, 20 Jun 2023 13:00:20 +0000

Israeli phishing protection startup Ironscales Ltd. today announced the beta launch of a new artificial intelligence tool for Microsoft Outlook designed to empower end-users in threat detection and reporting. Called Themis Co-pilot, the new service is built upon PhishLLM, a proprietary large language model hosted within Ironscale’s infrastructure. Themis Co-pilot is designed to give end-users the necessary tools to […]

The post AI meets email security: Ironscales launches ‘Themis Co-pilot’ beta appeared first on SiliconANGLE.

BlackCat ransomware gang demands $4.5M, API changes for 80GB leaked Reddit data

Kyt Dotson — Mon, 19 Jun 2023 15:45:19 +0000

Hackers from the BlackCat ransomware gang have contacted Reddit Inc. claiming to be behind a hack that affected the social media forum platform in February that took more than 800 gigabytes of internal documents, code, contracts and employee information. The hacker group, also known as AlphaV, also demanded $4.5 million to not release the stolen […]

The post BlackCat ransomware gang demands $4.5M, API changes for 80GB leaked Reddit data appeared first on SiliconANGLE.

Microsoft discloses detailed analysis of Layer 7 DDoS attacks

Duncan Riley — Mon, 19 Jun 2023 00:51:41 +0000

Microsoft Corp. disclosed Friday that outages that affected its customers earlier this month were caused by a distributed denial-of-service attack launched by a threat actor called Storm-1359. The Layer 7 DDoS attack affected Microsoft services, including Azure, Outlook and OneDrive. A “Layer 7” attack is a form of DDoS that targets the application layer of the internet […]

The post Microsoft discloses detailed analysis of Layer 7 DDoS attacks appeared first on SiliconANGLE.

Russian man arrested for alleged involvement with LockBit ransomware gang

Duncan Riley — Thu, 15 Jun 2023 23:44:43 +0000

A Russian national has been arrested in Arizona on charges alleging that he was involved in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa. The LockBit ransomware gang, which first emerged in 2020, operates on a ransomware-as-a-service model where affiliates use already developed ransomware to execute attacks. In its time, LockBit […]

The post Russian man arrested for alleged involvement with LockBit ransomware gang appeared first on SiliconANGLE.