featured

Software Security

Issued by: CIO Security

Business planning SaaS (software-as-a-service) software maker Anaplan is being acquired by private equity firm Thoma Bravo for $10.7 billion. Founded in the UK and now based in San Francisco, Anaplan offers cloud-based finance and planning software and counts almost 2,000 customers worldwide, including Coca-Cola, Shell, Thomas Cook and VMware. The company went public in 2018,…

Network Security

Issued by: Security Week

The Austin, Texas-based Rumble on Monday announced it had banked a new $15 million in Series A financing from Decibel Partners and a laundry-list of boldface cybersecurity practitioners. Rumble, created by HD Moore (of Metasploit fame), sells technology to help defenders monitor exposed attack surfaces. The company said the new money will help accelerate go-to-market…

Network Security

Issued by: Security Week

SecurityWeek will host its 2022 Attack Surface Management Summit, Presented by Randori, as a fully immersive virtual event today. With the pandemic-induced digital transformation underway, security teams are turning to Attack Surface Management (ASM) tools to continuously discover, inventory, classify, prioritize, and monitor digital assets for signs of weaknesses. In this special virtual summit and…

Vulnerabilities

Issued by: Security Week

One of these is CVE-2022-24086, a critical-severity (CVSS score 9.8) vulnerability in Adobe Commerce and Magento. Described as an improper input validation bug, the security hole can be exploited to achieve remote code execution, without authentication. On Sunday, Adobe released an emergency advisory to warn that it had observed very limited attacks targeting CVE-2022-24086. The…

Malware & Threats

Issued by: Dark Reading

You might have the luxury of time when planning for a vacation, but cybersecurity teams do not have the time to hunt in the wrong haystack when responding to security incidents. Every second matters in the wake of an intrusion detection, as threat actors move quickly from the first breach point to various other points…

Application Security

Issued by: Dark Reading

Multifactor authentication (MFA) became mainstream in 2021. Google began pushing to make MFA its default for all users. The Biden administration even required all federal agencies and contractors to implement MFA in its Executive Order on Improving the Nation’s Cybersecurity. MFA adds in extra layers of verifying a user’s identity so that attackers cannot compromise…

Malware & Threats

Issued by: Security Week

For years, Russian advanced persistent threat (APT) actors have been observed launching various cyberattacks against Ukrainian targets, with some of these groups believed to be part of or under the direct supervision of Moscow’s secret service. Over the past months, at least two Russian state-sponsored groups have been observed launching cyberattacks against Ukraine, namely Gamaredon,…