Amazon’s Shuttering of Alexa Ranking Service Hits Cybersecurity Industry
When accessing alexa.com, users are now greeted by an end of service notice that says the site was retired on May 1, 2022. Alexa was founded in 1996 and it was acquired by Amazon in 1999. Amazon announced its decision to retire the service in December 2021. The Alexa Top Sites and Web Information Service…
Zero Trust VPN Company Tailscale Raises $100 Million
The investment round was led by CRV and Insight Partners, with participation from existing investors Accel, Heavybit, Uncork Capital, and angel investors. Founded in 2019, the Toronto-based company offers a WireGuard-based private network connectivity solution with zero-config and end-to-end encryption, which integrates with services such as Google Workspace, Microsoft 365, Okta, Caddy Server, Syncthing, and…
Cybersecurity M&A Activity to Continue; Growth Funding to be More Conservative
Venture capital financing for cybersecurity firms was high throughout 2021, resulting in numerous new unicorns. Last year, and the first quarter of 2022, were also notable for the high number of cybersecurity mergers and acquisitions; and 2022 already looks set to be a new record year for M&A activity. According to Progress Partners’ Market Report:…
‘Hack DHS’ Participants Awarded $125,000 for Over 100 Vulnerabilities
The Hack DHS program was announced in December 2021 and it was launched several years after lawmakers passed a bill to create such a program. In the first phase of Hack DHS, vetted cybersecurity researchers were invited to find vulnerabilities in specific DHS systems. According to the DHS, more than 450 white hat hackers took…
Motorola Launches Cyber Threat Information Sharing Hub for Public Safety
Motorola described the Public Safety Threat Alliance (PSTA) as an information sharing and analysis organization (ISAO) and noted that it’s recognized by the US Cybersecurity and Infrastructure Security Agency (CISA), which serves as its National Coordinator for Critical Infrastructure Security and Resilience. The PSTA is open to all public safety agencies. Its role is to…
Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations
Kaspersky reported recently that it only saw a small increase in the percentage of industrial control system (ICS) computers targeted in 2021, compared to the previous year. However, of the more than 300 respondents who took part in the latest survey, half reported seeing an increase in security incidents affecting ICS or other operational technology…
Hackuity Emerges From Stealth With $13 Million in Funding
The Series A funding round was led by Sonae IM and received participation from previous investor Caisse des Dépôts. To date, the company has raised $17.2 million. Founded in 2018, the Lyon, France-based Hackuity is focused on helping cybersecurity teams identify, prioritize, and resolve vulnerabilities before threat actors start exploiting them. The company’s approach to…
HelpSystems to Acquire MDR Services Firm Alert Logic
Terms of the agreement were not disclosed The company’s MDR solution augments customers’ existing cybersecurity resources to protect on-premise, cloud, SaaS, and hybrid environments, and meet regulatory requirements, including PCI DSS, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2, NIST 800-171 and 800-53, ISO 27001, COBIT, and more. Houston, Texas-based Alert Logic, which claims more than…
Shadowserver Starts Conducting Daily Scans to Help Secure ICS
The nonprofit cybersecurity organization is scanning the web for exposed services that use the Modbus industrial communications protocol on TCP port 502, but Shadowserver’s Piotr Kijewski told SecurityWeek that they plan on introducing many other ICS and operational technology (OT) protocol scans in the near future. Shadowserver has been working with national cybersecurity agencies, law…
CISA Urges Organizations to Patch Recent Chrome, Magento Zero-Days
One of these is CVE-2022-24086, a critical-severity (CVSS score 9.8) vulnerability in Adobe Commerce and Magento. Described as an improper input validation bug, the security hole can be exploited to achieve remote code execution, without authentication. On Sunday, Adobe released an emergency advisory to warn that it had observed very limited attacks targeting CVE-2022-24086. The…
