The new division provides clients with an integrated offering that combines cyber insurance with vulnerability scanning, email and endpoint security, and backup and recovery services. Headed by Bill Meara, who joins the company from private equity giant Abry Partners, Acrisure Cyber Services expands on the company’s existing products, including insurance, reinsurance, asset management, and real…

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. In a detailed technical report published late Thursday, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on…

Eighteen cybersecurity-related acquisitions were announced December 1-12, 2021. Acclaim Technical Services acquires Entegra Systems Acclaim Technical Services (ATS), which specializes in operational support, language, and technology services, has acquired cyber technology solutions provider Entegra Systems. Both companies are US-based government contractors, and the acquisition of Entegra, which provides services to defense and intelligence agencies, will…

The Taiwan-based company, which is well known for its NAS and professional network video recorder (NVR) solutions, on Tuesday urged users to take immediate action to keep their devices protected against the new threat. QNAP says it is currently investigating reports where attackers infect NAS appliances with a Bitcoin miner that can be identified by…

The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with 40 deals announced in November 2021. November 1-7 Appsian Security acquires Q Software ERP data security and compliance firm Appsian Security acquired Q Software, which specializes in security and compliance solutions for JD Edwards EnterpriseOne, JD Edwards World, and…

Tracked as CVE-2021-30892 and named “Shrootless” by Microsoft, the vulnerability exists in the method used to install Apple-signed packages with post-install scripts. To successfully exploit the vulnerability, an attacker needs to create a specially crafted file that would allow them to hijack the installation process of said packages. Apple introduced SIP in macOS Yosemite to…

Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. Zerodium is looking for remote code execution, IP address leak, and other information disclosure exploits. It does not want to acquire local privilege escalation vulnerabilities. The company has…