Endpoint Security Archives - Page 5 of 10

SASE Provider Versa Networks Raises $86 Million

Issued by: Security Week

The funding round was led by Princeville Capital and RPS Ventures, with additional participation from existing investors, including Sequoia Capital. Based in San Jose, California, Versa Networks platform is available via both the cloud and on-premises, helping enterprises keep branches, teleworkers, and users securely connected to cloud applications and data centers. A software-only offering, Versa…

Application Security

Sevco Security Banks $15 Million Series A Funding

Issued by: Security Week

Sevco Security, based in Austin, Texas, has raised $15 million in Series A funding led by SYN Ventures. The company said .406 Ventures, Accomplice, Bill Wood Ventures and fama Ventures also joined as investors. In a statement, Sevco Security said its platform delivers two values to customers: continuous converged visibility of all assets across siloed…

Application Security

Google Rolling Out Security Update for Google Drive

Issued by: Security Week

With this update, the search advertising giant is adding a resource key to sharing links, which will impact access to the files for those users who haven’t yet viewed the files. “Once the update has been applied to a file, users who haven’t viewed the file before will have to use a URL containing the…

Application Security

Google Intros SLSA Framework to Enforce Supply Chain Integrity

Issued by: Security Week

The U.S. tech giant this week unveiled SLSA (Supply chain Levels for Software Artifacts), a new end-to-end framework the company hopes will drive the enforcement of standards and guidelines to ensuring the integrity of software artifacts throughout the software supply chain. The framework, released as part of the OpenSSF Foundation, is essentially a set of…

Mobile Security

Google Rolls out E2EE For Android Messages App

Issued by: Security Week

Google announced end-to-end encryption is now available in Android, but only for one-on-one conversations between users of the Messages app. “No matter who you’re messaging with, the information you share is personal. End-to-end encryption in Messages helps keep your conversations more secure while sending. It ensures that no one can read the content of your…

Network Security

Half-Double: Google Researchers Find New Rowhammer Attack Technique

Issued by: Security Week

Rowhammer attacks — first discussed in 2014 — involve repeatedly accessing a row of memory in an effort to cause bit flips in adjacent rows, which can be useful for by passing memory protections. A malicious actor could use Rowhammer to escalate privileges and for other purposes, and researchers have demonstrated over the past years…

Software Security

Diplomatic Entities Targeted with New ‘Moriya’ Windows Rootkit

Issued by: Security Week

Dubbed Moriya, the rootkit provides the threat actor with the ability to intercept network traffic and hide commands sent to the infected machines, thus allowing the attackers to stay hidden within the compromised networks for months. The rootkit is part of the toolkit used by TunnelSnake, an unknown actor that deploys backdoors onto public servers…

Malware & Threats

APT Group Using Voice Changing Software in Spear-Phishing Campaign

Issued by: Security Week

The Molerats hacking group, also tagged as Gaza Hackers Team, Gaza Cybergang, DustySky, Extreme Jackal, and Moonlight, has been active since at least 2012, mainly targeting entities in the Middle East, but also launching attacks against targets in Europe and the United States. Cado Security says that APT-C-23, believed to be part of Molerats, typically…

Vulnerabilities

VMware Patches Critical Flaw in Carbon Black Cloud Workload

Issued by: Security Week

Tracked as CVE-2021-21982 and featuring a CVSS score of 9.1, the recently addressed vulnerability resides in the administrative interface for the appliance and exists because attackers could bypass authentication through manipulation of a URL on the interface. “A malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance…