Data Protection Archives - Page 4 of 28

Attackers Hitting VMWare Horizon Servers With Log4j Exploits

Issued by: Security Week

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

Recorded Future Acquires SecurityTrails in $65M Deal

Issued by: Security Week

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Application Security, Cloud Security, Vulnerabilities

VMware Plugs Security Holes in Workstation, Fusion and ESXi

Issued by: Security Week

Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. In an advisory, VMWare said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. An attacker capable of combining the security error…

Malware & Threats

Everything You Need To Know About Ransomware Attacks and Gangs In 2022

Issued by: Security Intelligence

Ransomware is a lucrative business for criminals. It is paying off, and it is working. According to a recent Trend Micro report, a staggering 84% of US organizations experienced either a phishing or ransomware attack in the last year. The average ransomware payment was over $500,000. Bad actors want to keep cashing in. So they’re…

Network Security, Software Security

Cybersecurity M&A Roundup for December 13-19, 2021

Issued by: Security Week

ClosingLock acquires SafeWire ClosingLock announced the acquisition of SafeWire. Both companies are based in the United States and they offer wire fraud prevention solutions for the real estate industry. DFIN acquires Guardum Risk and compliance solutions company Donnelley Financial Solutions (DFIN) has acquired Guardum, a data security and privacy firm that can help companies locate,…

Mobile Security

Citizen Lab Exposes Cytrox as Vendor Behind ‘Predator’ iPhone Spyware

Issued by: Security Week

Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. In a detailed technical report published late Thursday, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on…

Vulnerabilities

Microsoft Patches 67 Security Flaws, Including Zero-Day Exploited by Emotet

Issued by: Security Week

In the final Patch Tuesday release for 2021, the Redmond, Wash. software giant called special attention to CVE-2021-43890, a spoofing vulnerability in the Microsoft Windows AppX installer and warned that the bug is being exploited in the wild by the Emotet malware operation. “Microsoft is aware of attacks that attempt to exploit this vulnerability by…

Software Security

Hardware Security Firm Axiado Banks $25M Investment

Issued by: Security Week

The company is building a Trusted Control/Compute Unit (TCU) product that is being positioned as a new class of security processors that provide platform root-of-trust for large enterprise customers. Axiado, which employs approximately 40 in Silicon Valley, said the $25 million Series B investment brings the total raised to $40 million. The round was led…

Network Security

IoT Security: Are Personal Devices Dragging Your Work Network Down?

Issued by: Security Intelligence

How many connected devices have you added to your household since March 2020? Be sure to count fitness trackers, speakers, gaming machines and even your Tesla, if there’s one in your driveway. Were you one of the many people who waited months for a Peloton? Don’t overlook your new bike. Now add in all your…

Malware & Threats

6 Potential Long-Term Impacts of a Data Breach

Issued by: Security Intelligence

A data breach can destroy a business. For small- and medium-sized businesses (SMB), this is really especially concerning, as 60% will shut down within six months of the attack. While larger companies and agencies likely won’t have to shut their doors, they, too, suffer serious consequences. There are financial costs, which Ponemon Institute and IBM…