Bearer, a San Francisco-based company founded in 2018, has received a $4 million investment from Kima Ventures, Partech and Point Nine, bringing the total raised by the company to $8 million. The startup’s data security SaaS solution helps organizations identify technical and business logic flaws in code during the development cycle, and ensure data security…

The Cupertino device maker confirmed the active exploitation of CVE-2022-42827, warning in a barebones advisory that the flaw exposes iPhones and iPads to arbitrary code execution attacks. “An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited,” Apple said…

Founded in 2012, the New York-based company offers Data Embassy, a software platform that aims to protect data in use by applying pseudonymization and other techniques to transform the data into ‘Variant Twins’, representing non-identifiable but fully accurate assets. Courtesy of multi-level data privacy and security controls, the company says, Variant Twins can be used…

The vulnerability, which carries a CVSS severity score of 7.3/10, is documented as a debugging port misconfiguration that is opened by the Zoom client on macOS machines. Details from Zoom’s advisory: Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When…

The investment round was led by Accomplice, with participation from Joule Ventures, OurCrowd, Trust Ventures, Ulysses, and several angel investors. Founded in December 2021, the New York-based company provides a biometric security and privacy application for protecting digital accounts across banking, email, investing, and healthcare services. IronVest says its solution takes a decentralized approach to…

Issues with ECB are not unknown. In its Announcement of Proposal to Revise Special Publication 800-38A, NIST wrote, “The ECB mode encrypts plaintext blocks independently, without randomization; therefore, the inspection of any two ciphertext blocks reveals whether or not the corresponding plaintext blocks are equal… the use of ECB to encrypt confidential information constitutes a…

The new investment round was led by Third Point Ventures, with participation from Cloud Apps Capital, Felicis Ventures, Next47, Operator Collective, Sixty Degree Capital, and Thomson Reuters Ventures. Founded in 2018, the San Francisco-based firm provides a data privacy solution that creates an automated map of all business systems within an organization, to provide visibility…

On July 15, 2022, threat actors working on behalf of the government of Iran launched a destructive attack targeting the Albanian government’s websites and public services, taking them offline. The attack had less than 10% total impact on the customer environment. The campaign consisted of four different stages, with different actors responsible for every one…

The new investment round was led by Pelion Venture Partners, with existing investors Kleiner Perkins and Upfront Ventures also participating. Founded in 2019 by Crowdstrike and Microsoft alums, the Los Angeles-based company emerged from stealth in February 2020 to provide data security tools designed to prevent leaks, breaches, and compliance issues. Open Raven says its…