Minnesota-based IT management and software powerhouse HelpSystems expanded its year-long cybersecurity shopping spree with a new deal to acquire data loss prevention specialists Digital Guardian. Financial terms of the acquisition were not released. Digital Guardian is a late-stage Massachusetts-based startup that raised $173 million over multiple venture capital funding rounds. The company has gained ..
Tag : Audits
The Microsoft Patch Tuesday freight train for October rolled in with fixes for at least 71 security defects in Windows products and components and an urgent warning about a newly discovered zero-day cyberespionage campaign. The Redmond, Wash. software maker confirmed in-the-wild exploitation of one of the patched bugs — CVE-2021-40449 — in an exploit chain ..
At SecurityWeek’s 2021 CISO Forum, a high-powered panel of experts discussed specific ways an SBOM can improve supply chain security and where expectations may be overblown. The conversation covers edge cases that are turning out to be more troublesome than anticipated and what might come next after SBOM and where there are opportunities for innovation (e.g., new ..
Mondoo, a startup that provides security tools for DevOps teams, has raised $15 million in funding ($12 million in a new Series A round, and $3 million from a previously undisclosed seed round). The Series A funding round was Led by Atomico with participation from a range of high-profile private investors. Mondoo says it will ..
Endpoint security platform Kolide on Thursday announced that it has raised $17 million in Series B funding, for a total of $27 million raised to date. The funding round was led by Boston-based venture capital OpenView Partners. Matrix Partners, who led Kolide’s Series A, also invested in the new round. Kolide sells a Security-as-a-Service (SaaS) ..
Cisco this week released patches for multiple high-severity vulnerabilities in the IOS XR software and warned that attackers could exploit these bugs to reboot devices, elevate privileges, or overwrite and read arbitrary files. The most severe of these issues is CVE-2021-34720 (CVSS score 8.6), a bug that could be exploited remotely without authentication to exhaust ..
GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks. “These vulnerabilities may result in arbitrary code execution due to file overwrite and creation when tar is used to extract untrusted tar files or when the npm CLI is used to install untrusted ..
The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) this week announced they are seeking public feedback on draft zero-trust strategic and technical documentation. The OMB has drafted a federal strategy to transition the U.S. government towards a zero-trust architecture and is now seeking public feedback to ..
Exabeam, a late-stage startup in the data analytics and SIEM space, has landed a new $200 million funding round that values the company at $2.4 billion. The announcement of Exabeam’s latest Series F funding, described as a “growth round,” coincides with news that co-founder and CEO Nir Polak will be replaced by former ForeScout chief ..
A group of online privacy activists said Monday it is taking action against hundreds of websites over their use of pop-up banners asking users to consent to “cookies”, the files that track users’ activity. The Vienna-based NOYB group (an acronym of “none of your business”) said it would be presenting more than 500 draft complaints ..