Did Microsoft Botch the PrintNightmare Patch?
The issue has been a public embarrassment for Microsoft over the last two weeks as security researchers used social media to highlight major problems with Redmond’s mitigation guidance and the effectiveness of its out-of-band update. “We’re aware of claims and are investigating, but at this time we are not aware of any bypasses,” Microsoft said…
Cybersecurity M&A Roundup: 14 Deals Announced July 1-8, 2021
A total of 14 cybersecurity-related acquisitions were announced between July 1 and July 8, 2021. Barracuda Networks acquires SKOUT Cybersecurity Application, cloud, email, data and network security solutions provider Barracuda Networks is acquiring SKOUT Cybersecurity, a company that provides cyber-as-a-service software for MSPs, as well as XDR solutions. The deal enables Barracuda to expand its…
IoT/OT Device Security Firm NanoLock Raises $11 Million
The funding, which brings the total raised by the firm to $21 million, came from OurCrowd, HIVE2040 (by Avnon Group), Atlantica Group, and AWZ Ventures. The money will be used by the company to expand and improve its solutions. NanoLock Security has also announced expanding its executive team and the acquisition of two new patents….
Mac Malware Used in Attacks Targeting Industrial Organizations in Middle East
Dubbed WildPressure, the campaign started in May 2019 and for more than a year it involved only a Windows version of a malware named Milum. Earlier this year, however, the campaign’s operators started using new versions of the Trojan, to target macOS systems as well. In addition to the initially observed C++ iteration of the…
Pro-Trump Social Media Platform GETTR Hacked Shortly After Launch
A Twitter-like platform, GETTR was launched on July 4 by Jason Miller, who served as a spokesperson for former U.S. President Donald Trump. The social media service claims to welcome people from all over the world and to promote freedom of speech. Both the site and the GETTR mobile app highly resemble Twitter, and the…
Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack
The attack appears to impact tens of Kaseya customers and hundreds of downstream businesses. The cybercrime group that launched the attack used the ransomware to encrypt files on compromised systems and they are hoping to earn tens of millions of dollars as a result. SecurityWeek is covering all the new information that emerges and here…
Swedish Supermarket Closed by Kaseya Cyberattack
Stressing that the situation was looking “positive compared to a few days ago”, Kevin Bell, press spokesman for Coop, told AFP that “a majority” of their stores were still closed. On Friday, a hacking attack indirectly hit the supermarket chain, paralysing all its cash registers and forcing the company to temporarily close nearly all its…
Researcher Describes Potential Impact of Recently Patched SonicWall NSM Flaw
NSM is a firewall management application that provides the ability to monitor and manage all network security services from a single interface, as well as to automate tasks to improve security operations. The product is available for on-premises deployments or as a SaaS offering. Tracked as CVE-2021-20026 and featuring a CVSS score of 8.8, the…
Director of Cybersecurity at NSA Gets Dedicated Twitter Account
The account, @NSA_CSDirector, is currently being used by Joyce, but it will likely be passed on to future NSA cybersecurity directors, similar to the @POTUS Twitter account used by the president of the United States. Joyce has promised to share “insights and information about what we are up to.” His first tweet after announcing the…
Microsoft Confirms ‘PrintNightmare’ is New Windows Security Flaw
Microsoft’s confirmation of a new, unpatched Windows Print Spooler bug comes days after researchers noticed that published proof-of-concept code for a different vulnerability was reliably exploiting fully patched Windows machines. Microsoft’s own misdiagnosis of a Print Spooler flaw that was just patched in June this year also added to the confusion. In a pre-patch advisory…
