Month: October 2021

Network Security

Issued by: Security Week

Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. Zerodium is looking for remote code execution, IP address leak, and other information disclosure exploits. It does not want to acquire local privilege escalation vulnerabilities. The company has…

Malware & Threats

Issued by: Security Week

Acer initially confirmed that some of its servers in India had been hacked after a group called Desorden claimed to have stolen more than 60 gigabytes of data from Acer India. The hackers claimed to have obtained information on millions of customers, login credentials used by thousands of retailers and distributors, and various corporate and…

Malware & Threats

Issued by: Security Week

The new capital, the company says, will help it accelerate the adoption of its marketplace, which allows security researchers to monetize their content to help others fend off cyberattacks. On the company’s Content-as-a-Service (CaaS) platform, security teams can find curated up-to-date Sigma-based threat detection content from roughly 400 researchers. More than 6,000 enterprises, governments and…

Network Security

Issued by: Security Week

The new funding round was led by Insight Partners. Mouro Capital, MS&AD Ventures, Canvas Ventures, Foundation Capital, and Coinbase board member Gokul Rajaram also participated. Skyflow says it wants to use the new investment to further grow its sales, marketing, and engineering teams. The company plans to hire 100 new employees by the end of…

Software Security

Issued by: Security Week

Designed to harvest real-time metrics from various endpoints, Prometheus enables organizations to keep a close eye on systems’ state, network usage, and the like. Close to 800 cloud-native platforms, including Slack and Uber, leverage the solution. In January 2021, Prometheus added support for Transport Layer Security (TLS) and basic authentication, to prevent access to the…

Application Security

Issued by: Security Week

First released in 1997, L0phtCrack can be used to test password strength and recover lost Windows passwords via dictionary, brute-force, and other types of attacks. L0phtCrack was originally developed by Peiter Zatko, also known as Mudge, of the L0pht hacker think tank. L0pth then merged with @stake, which was acquired by Symantec in 2004. It…

Application Security

Issued by: Security Week

The latest funding round was led by General Catalyst, with participation from Mayo Clinic, AVG Basecamp Fund, Accenture Ventures, Clocktower Technology Ventures, Dolby Family Ventures, Flyover Capital, KCRise Fund, NextGen Venture Partners, and Wavemaker Three-Sixty Health. The Kansas City, Missouri-based company provides a private data sharing solution designed to enable enterprises to collaborate with others…

Malware & Threats

Issued by: Security Week

The alert was issued by the FBI, CISA, the EPA and the NSA. The agencies are aware of attacks — launched by both known and unknown threat actors — against the IT and OT (operational technology) networks of water facilities. The agencies noted that while cyber threats are increasing across critical infrastructure sectors, the latest…