In the SolarWinds incident, up to 18,000 companies could have received the malware injected into the SolarWinds software. Not all could have been affected. Many of these ‘victims’ did not install the infected version, and many others did so on servers with no internet connectivity. Of those companies that did receive the Nobelium Sunburst malware,…

Pwn2Own Miami 2022 is scheduled to take place on January 25-27, 2022, and it has four main target categories: control server, OPC UA server, data gateway, and human-machine interface (HMI). In the control server category, participants can earn up to $20,000 for hacking Iconics Genesis64 and Inductive Automation Ignition products. In the OPC UA category,…

Conducted in Tel Aviv, the researcher’s experiment showed just how easy an attacker could hack into home and enterprise networks, by simply walking around a city with the right equipment in hand. For his experiment, CyberArk’s Ido Hoorvitch used an AWUS036ACH ALFA Network card, which costs around $50, and provides both monitoring and packet injection…

A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021. Ampa acquires CSS Assure Legal and professional services company Ampa has acquired cybersecurity firm CSS Assure, which specializes in data protection and risk management. Both companies are based in the UK. The CSS Assure brand will remain. Cellebrite acquires Digital Intelligence Israel-based digital intelligence…

Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. Zerodium is looking for remote code execution, IP address leak, and other information disclosure exploits. It does not want to acquire local privilege escalation vulnerabilities. The company has…

The new funding round was led by Insight Partners. Mouro Capital, MS&AD Ventures, Canvas Ventures, Foundation Capital, and Coinbase board member Gokul Rajaram also participated. Skyflow says it wants to use the new investment to further grow its sales, marketing, and engineering teams. The company plans to hire 100 new employees by the end of…

CYTRIO was founded by Vijay Basani (chief executive officer), Pankaj Parekh (chief privacy officer), and Darshan Joshi (chief technology officer), who collectively have 50 years of experience in data, privacy and security. Basani previously founded WebManage Technologies (acquired by NetApp), AppIQ (acquired by HP), and Cygilant. The company offers a solution that simplifies and automates…

Extended Detection and Response (XDR) is touted as the security solution for the increasingly complex modern IT ecosphere. The principle is to extend EDR threat hunting beyond the endpoint and across the entire infrastructure. Cybereason has announced a partnership with Google Chronicle – the latter to provide ecosphere data, and the former to provide the…

Duality Technologies says the funds will help it expand go-to-market operations, strengthen its position on the privacy-preserving segment and Privacy Enhancing Technologies (PETs), and to advance partnerships with technology vendors. The funding round was led by LG Technology Ventures. Existing investors Hearst Ventures, Intel Capital, and Team8, along with Euclidean Capital and NAventures, the corporate…