Malwarebytes Launches MDR Solution for SMBs
Endpoint detection and response (EDR) specialist provider Malwarebytes has launched a new managed detection and response (MDR) solution to bring threat and incident detection to the SMB market. SMBs are heavily targeted by malicious actors because they are often considered to be the soft underbelly of opportunity. The MDR solution combines the security firm’s EDR…
Intel Confirms UEFI Source Code Leak as Security Experts Raise Concerns
Last week, someone announced leaking source code associated with the Alder Lake BIOS — Alder Lake is Intel’s codename for its 12th generation Core processors. The files total nearly 6 Gb and they were made public on GitHub and other websites. Mark Ermolov, a security researcher who specializes in Intel products, analyzed the leaked code…
LofyGang Cybercrime Group Used 200 Malicious NPM Packages for Supply Chain Attacks
Likely operating out of Brazil, LofyGang appears to be an organized crime group focused on multiple hacking activities, including credit card data theft and Discord premium upgrades, as well as the hacking of games and streaming service accounts. LofyGang has been observed abusing multiple public cloud services for command and control (C&C) purposes, including Discord,…
Oort Raises $15 Million for Identity Threat Detection and Response Platform
The funding round – which included $3.5 million Seed and $11.5 million Series A investments – was co-led by .406 Ventures and Energy Impact Partners (EIP). Founded in 2019, the Boston-based firm provides enterprises with an identity-centric platform that offers visibility and control over the identity attack surface, helping them secure both employees and contractors…
Personal Information of 123K Individuals Exposed in City of Tucson Data Breach
The incident was identified at the end of May 2022, but the city concluded its investigation only last month. In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals….
Cisco Patches High-Severity Vulnerabilities in Communications, Networking Products
The company has informed customers that its Expressway series and TelePresence Video Communication Server software is affected by two high-severity vulnerabilities. One of them, tracked as CVE-2022-20814 and related to improper certificate validation, can allow a remote, unauthenticated attacker to access sensitive data through a man-in-the-middle attack. Successful exploitation of the flaw can result in…
Insurance Giant Lloyd’s of London Investigating Cybersecurity Incident
The company says it has detected unusual activity and decided to ‘reset’ its network and systems as a precaution. It shut down all external connectivity, including its delegated authority platforms, in response to the incident. “Following the unusual activity detected on Lloyd’s network, our precautionary work to secure systems has been completed overnight,” a Lloyd’s…
US Government Details Tools Used by APTs in Defense Organization Attack
The information was collected when CISA investigated the hacking of a defense industrial base organization’s enterprise network between November 2021 and January 2022. The investigation, conducted in collaboration with a third-party incident response firm, revealed that multiple threat groups had compromised the victim’s network and some of them had access for at least one year….
Canadian NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US
The man, Sebastien Vachon-Desjardins, 35, of Gatineau, Quebec, pleaded guilty in June 2022 to participating in the ransomware scheme. Initially spotted in 2019, NetWalker was being offered under the ransomware-as-a-service (RaaS) business model and has been used in attacks against tens of organizations worldwide, including private and public entities, hospitals and emergency services, law enforcement,…
RealDefense Raises $30 Million to Acquire More Privacy, Cybersecurity Firms
Founded in 2017, the Pasadena, California-based firm provides organizations with privacy, cybersecurity, and optimization solutions for PC, Mac, and mobile devices. The firm offers software and services tailored for consumers and small businesses and has a global presence in 33 countries, claiming to have more than one million customers. Additionally, RealDefense offers an M&A playbook…
