Code security company Contrast Security this week announced that it has closed a $150 million Series E funding round at a billion-dollar valuation, making the company the latest cybersecurity unicorn. The company offers a platform that helps developers create more secure applications by discovering vulnerabilities in code, detecting what libraries are being used, and goes as ..
Tag : NEWS&INDUSTRY
Cybersecurity vendor Palo Alto Networks is calling urgent attention to a remote code execution vulnerability in its GlobalProtect portal and gateway interfaces, warning that it’s easy to launch network-based exploits with root privileges. The Santa Clara, Calif.-based Palo Alto Networks said the security defect can be exploited to allow an unauthenticated network-based attacker to disrupt ..
VMware announced on Wednesday that it’s working on patches for a potentially serious privilege escalation vulnerability affecting vCenter Server. The vulnerability is tracked as CVE-2021-22048 and it has been assigned an “important” severity rating, which is equivalent to “high severity” based on its CVSS score of 7.1. “The vCenter Server contains a privilege escalation vulnerability ..
A major security vulnerability in the WP Reset PRO WordPress plugin could be exploited by an authenticated user to wipe the entire database of a website, according to a warning from researchers at Patchstack (formerly WebARX). The issue can be exploited by any authenticated user, regardless of their authorization, to wipe all tables in a ..
More than 1,000 mobile phone users in South Korea have been targeted with a powerful piece of Android spyware as part of an ongoing campaign, according to a new report from Zimperium zLabs. Dubbed PhoneSpy, the malware was designed with extensive spyware capabilities, including data theft, audio and video capture, and location monitoring. ..
Today at Black Hat London, Zero Networks announced the release of its RPC firewall – also dubbed the ‘ransomware kill switch’ – into open source. The tool provides granular control over RPC, capable of blocking the use of lateral movement hacker tools and stopping almost all ransomware in its tracks. Microsoft’s Remote Procedure Call (MS-RPCE) ..
Citrix this week released patches for a couple of vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, including a critical bug leading to denial of service (DoS). The most severe of the two bugs is CVE-2021-22955, a critical security hole that could lead to a DoS condition on appliances that have been configured as a VPN ..
A report published on Wednesday by the Ponemon Institute and industrial cybersecurity firm Dragos shows that the average cost of a security incident impacting industrial control systems (ICS) or other operational technology (OT) systems is roughly $3 million, and some companies reported costs of over $100 million. The report is based on data from a ..
Digital identity verification provider Socure on Tuesday announced that it has closed a $450 million Series E funding round, at a $4.5 billion valuation. To date, the company has raised nearly $650 million. The new funding round was announced roughly half a year after Socure closed a $100 million Series D round, at a $1.3 ..
Identity sprawl in the age of remote working and business transformation is a threat to cybersecurity. The identity sprawl generated by remote working and business digitization is out of control. This is the clear message from a global survey of more than 1,000 IT professionals. The survey was undertaken by Dimensional Research for One Identity, ..

