Information

It’s been said “you cannot control the outcome, but you can control the process.” In today’s world of the “assume-breach” security posture, this has never been more true. Especially when it comes to third-party privilege, one of the most significant attack vectors organizations face.  Watch this webinar from Saviynt and SecurityWeek for advice on how to create more trust in your third party relationships by adding sustainable processes and tools that enable you to control…

Read More

The Royal ransomware gang has targeted at least 350 organizations worldwide, with their ransom demands exceeding $275 million, and the cybercriminals may be preparing to rebrand their operation, the US cybersecurity agency CISA and the FBI say in an updated alert. Active since at least September 2022, Royal has been used in attacks against entities in critical infrastructure, education, healthcare, and manufacturing sectors, making ransom demands ranging between $1 million and $11 million, in Bitcoin.…

Read More

The ransomware and data extortion group RansomedVC announced plans to shut down the project and sell parts of its infrastructure. RansomedVC has only been around for a few months, operating under the ransomware-as-a-service (RaaS) business model. The group has listed more than 40 organizations on its leak site, demanding ransom payments of up to $1 million, depending on the victim’s size. The group mainly focuses on organizations in Europe, but recently claimed responsibility for attacks…

Read More

Canadian attack surface management firm Cavelo has raised CA$5 million (approximately US$3.6 million) in a seed funding round that brings the total raised by the company to CA$6.3 million (roughly US$4.5 million). The new investment round was led by Inovia Capital, with participation from Graphite Ventures and other existing investors. Founded in 2020, the Waterloo-based cybersecurity startup provides organizations with the necessary means to scan their environments for data that might be at risk in…

Read More

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More