LG to Acquire Vehicle Cybersecurity Firm Cybellum
LG said it will initially acquire a 64-percent stake in Cybellum for $140 million and it will acquire the remaining shares in the near future — if the valuation does not change, the remaining shares will be worth nearly $80 million. The Korean tech giant also plans on investing $20 million in the cybersecurity firm…
Nagios XI vulnerabilities open enterprise IT infrastructure to attack
Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…
Apple Confirms New Zero-Day Attacks on Older iPhones
This is the 16th documented in-the-wild zero-day exploitation of security defects in Apple’s iOS and macOS platforms so far this year. “Apple is aware of reports that an exploit for this issue exists in the wild,” the company said without elaborating. No other details of IOCs (indicators of compromise) were provided. The Cupertino, Calif. software…
Breach reporting required for health apps and devices, FTC says
The Federal Trade Commission (FTC) commissioners, in a split-vote (3-2), issued a policy statement on September 15, requiring both health applications and connected devices to comply with the “Health Breach Notification Rule (August 2009).” The commissioners recognized how the applications and devices did not fall within the scope of the Health Insurance Portability and Accountability…
Google Working on Improving Memory Safety in Chrome
Over 70% of the severe bugs identified last year in Chrome were memory safety issues, namely “mistakes with pointers in the C or C++ languages,” and Google decided to tackle the problem before it becomes even more serious. Of the potential solutions, the Internet search giant decided to focus on two, namely introducing runtime checks…
UK Minister Sorry Over Afghan Interpreters’ Data Breach
A Defense Ministry email to more than 250 Afghans who are eligible for relocation and still remain in Afghanistan was mistakenly copied to all applicants Monday instead of blind copied. British media reports said the people whose email addresses were distributed included some individuals who are in hiding from the Taliban. “It is an unacceptable…
Flaws in Nagios Network Management Product Can Pose Risk to Many Companies
The vulnerabilities were discovered by researchers at industrial cybersecurity firm Claroty as part of a research project focusing on the use of network management systems in IT, OT and IoT networks. The security holes have been found to impact Nagios XI, XI Switch Wizard, XI Docker Wizard, and XI WatchGuard. The vendor released patches for…
Identity Solutions Provider Saviynt Raises $130 Million
Saviynt plans to invest the funds in research and development and personnel, to better meet demand for its cloud-based identity solution. Increasingly aware of risks associated with identity-related security breaches, organizations worldwide are shifting toward a Zero Trust approach in which identity management is a central piece. Alongside identity governance (IGA), the company’s Enterprise Identity…
Ransomware Group Demands Millions From U.S. Farmer Cooperative
The attackers are a group that uses the BlackMatter ransomware and the victim is Fort Dodge, Iowa-based New Cooperative, which has 60 members and offers agronomy, grain, feed, energy, and software solutions. New Cooperative has confirmed that it’s dealing with a “cybersecurity incident” that has impacted some of its systems. The company says it has…
Details of 100M Visitors to Thailand Exposed Online: Research Firm
The Southeast Asian nation is a popular tourist destination, drawing nearly 40 million visitors in 2019 before the pandemic shuttered borders and seized up global travel. Britain-based consumer security company Comparitech said in a report that its head of cybersecurity research Bob Diachenko found a database in August containing the personal information of travellers to…
