News

Venn Software, a New York startup building an MDM-like solution for laptops, has attracted $29 million in early stage funding as investors continue to bet on cybersecurity companies protecting the remote workforce. Venn said the Series A financing was led by NewSpring and provides capital for the company to make MDM for laptops a reality and provide a less costly new alternative to virtual desktop infrastructure (VDI). Venn is pitching a Secure Enclave product that…

Read More

Cloud infrastructure software firm HashiCorp on Tuesday announced a deal to acquire BluBracket, an early stage startup building technology to help businesses scan for secrets hidden in source code. Financial terms of the acquisition were not released.  BluBracket, based in Silicon Valley, raised $18.5 million in venture capital funding from Evolution Equity Partners, Unusual Ventures, Point72 Ventures, SignalFire and Firebolt Ventures.  In a statement announcing the acquisition, HashiCorp said BluBracket’s code scanning will complement HashiCorp…

Read More

The National Security Agency (NSA) has published technical mitigation guidance to help organizations harden systems against BlackLotus UEFI bootkit infections. The NSA’s recommendations provide a blueprint for defenders to protect systems from BlackLotus, a stealthy malware that emerged on underground forums in late 2022 with capabilities that include user access control (UAC) and secure boot bypass, unsigned driver loading, and prolonged persistence. To disable secure boot, the bootkit exploits a year-old vulnerability in Windows (CVE-2022-21894)…

Read More

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More

The US government’s cybersecurity agency CISA on Thursday added another batch of security flaws to its Known Exploited Vulnerabilities (KEV) catalog and urged federal agencies to patch these issues as a matter of urgency. The already exploited vulnerabilities affect users of the open-source Roundcube webmail server and VMware Aria Operations for Networks. Exploitation of the open-source mail server Roundcube flaws has been linked to Russian state-sponsored attacks against the Ukrainian government and other high-profile entities…

Read More

Free medical clinics and legal aid clinics, where college students and their instructors help their communities while also learning more about their professions, are now commonplace. Google hopes to add cybersecurity clinics to that list. Google CEO Sundar Pichai pledged $20 million in donations on Thursday to support and expand the Consortium of Cybersecurity Clinics to introduce thousands of students to potential careers in cybersecurity, while also helping defend small government offices, rural hospitals and…

Read More

Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited in the wild. The patches address a pair of vulnerabilities reported by Russian anti-malware vendor Kaspersky and follow the public documentation of ‘Operation Triangulation,’ a digital spy campaign that used zero-click iMessage exploits. The patches – iOS 16.5.1, iPadOS 16.5.1, iOS 15.7.7 and iPadOS15.7.7 – cover security defects in kernel and WebKit and have been…

Read More

Less than two weeks after shipping urgent patches to cover security defects in its Aria Operations for Networks product, VMware says hackers have started launching exploits in the wild. The virtualization technology giant on Tuesday updated a critical-level bulletin with a blunt warning to businesses running the network monitoring software: “VMware has confirmed that exploitation of CVE-2023-20887 has occurred in the wild.” The live exploits, first flagged by GreyNoise, target the CVE-2023-20887 command injection vulnerability…

Read More

Taiwanese computer hardware manufacturer Asus on Monday shipped urgent firmware updates to address vulnerabilities in its WiFi router product lines and warned users of the risk of remote code execution attacks. In an advisory, Asus documented at least nine security defects and multiple security weaknesses that allow code execution, denial-of-service, information disclosure and authentication bypasses. The most serious of the nine vulnerabilities, a highly critical bug with a CVSS severity rating of 9.8/10, dates back…

Read More