network security

Network Security

Issued by: Security Week

The Austin, Texas-based Rumble on Monday announced it had banked a new $15 million in Series A financing from Decibel Partners and a laundry-list of boldface cybersecurity practitioners. Rumble, created by HD Moore (of Metasploit fame), sells technology to help defenders monitor exposed attack surfaces. The company said the new money will help accelerate go-to-market…

Cloud Security, Network Security

Issued by: Security Week

The Addison, TX-based company offers a SaaS-based, multi-tenant security analytics, operations and response platform that provides visibility and advanced detection and response. According to Securonix, the massive funding will allow it to make significant investments in talent acquisition across engineering, cloud operations, threats labs, and sales and marketing. “We solve a very tough problem that…

Malware & Threats

Issued by: Security Week

Edge computing is eminently practical in that it solves several important problems, many of which are related to the latency created when data must travel long distances. The edge offers significant functional and economic benefits, such as the emergence of a new breed of real-time applications. And the need for more edges has increased due…

Malware & Threats

Issued by: Security Week

Because of the vulnerability – which was addressed in November 2021 – an attacker only needed stolen credentials to access an organization’s Box account and steal sensitive data, provided that the account has SMS-based MFA enabled (which has long been proven insecure). Box, which claims that close to 100,000 companies use its platform, allows users…

Network Security

Issued by: Security Week

Of the newly patched security flaws, nine are rated high-severity while six carry a “medium-severity” rating. The most important of these issues is CVE-2022-22746, a race condition leading to the bypass of full-screen notification on Windows machines. Next in line is CVE-2022-22743, another fullscreen spoof, this time affecting the browser window. The bug could allow…

Software Security

Issued by: Security Week

“[The] community is defined by those who show up and do the work. Companies that build open source into their products rarely participate in their continued maintenance,” the ASF said in a position paper published ahead of a high-level White House meeting on open-source software security. “Only a tiny percentage of downstream companies (reusing the…

Malware & Threats

Issued by: Security Week

The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

Application Security, Cloud Security, Network Security

Issued by: Security Week

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Application Security, Cloud Security, Vulnerabilities

Issued by: Security Week

Tracked as CVE-2021-22045 (CVSS score of 7.7), the security vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. In an advisory, VMWare said the security defect could be exploited by attackers with access to a virtual machine that has CD-ROM device emulation enabled. An attacker capable of combining the security error…

Cloud Security

Issued by: Security Week

Financial terms of the transaction were not released but reports out of Israel peg the price tag in the range of $500 million. Google plans to pair Siemplify’s SOAR technology with its own home-built Chronicle security analytics platform to “change the rules on how organizations hunt, detect, and respond to threats,” according to Sunil Potti,…