Information Security

Security Validation Firm Picus Security Raises $45 Million https://www.securityweek.com/security-validation-firm-picus-security-raises-45-million/ Attack simulation firm has raised $45 million in growth funding, bringing the total amount raised to $80 million. The post Security Validation Firm Picus Security Raises $45 Million (https://www.securityweek.com/security-validation-firm-picus-security-raises-45-million/) appeared first on SecurityWeek (https://www.securityweek.com/).

Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd https://www.securityweek.com/atlassian-patches-vulnerabilities-in-bamboo-bitbucket-confluence-crowd/ Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products. The post Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd (https://www.securityweek.com/atlassian-patches-vulnerabilities-in-bamboo-bitbucket-confluence-crowd/) appeared first on SecurityWeek (https://www.securityweek.com/).

Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate https://www.securityweek.com/microsoft-us-healthcare-sector-targeted-by-inc-ransomware-affiliate/ Microsoft has observed the threat actor Vanilla Tempest targeting US healthcare organizations with INC ransomware. The post Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate (https://www.securityweek.com/microsoft-us-healthcare-sector-targeted-by-inc-ransomware-affiliate/) appeared first on SecurityWeek (https://www.securityweek.com/).

Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack https://www.securityweek.com/hackers-demand-6-million-for-files-stolen-from-seattle-airport-operator-in-cyberattack/ The Port of Seattle, which owns and runs the airport, has decided not to pay, the official said. The post Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack (https://www.securityweek.com/hackers-demand-6-million-for-files-stolen-from-seattle-airport-operator-in-cyberattack/) appeared first on SecurityWeek (https://www.securityweek.com/).

Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats https://www.securityweek.com/cybersecurity-awareness-reflecting-on-20-years-of-defense-evolution-and-preparing-for-future-threats/ Threats have become more complex as the threat surface has expanded and it is now about the evolution of protecting a business and its ecosystem. The post Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats (https://www.securityweek.com/cybersecurity-awareness-reflecting-on-20-years-of-defense-evolution-and-preparing-for-future-threats/) appeared first on SecurityWeek (https://www.securityweek.com/).

US Disrupts ‘Raptor Train’ Botnet of Chinese APT Flax Typhoon https://www.securityweek.com/us-disrupts-raptor-train-botnet-of-chinese-apt-flax-typhoon/ The US government has announced the disruption of Raptor Train, a Flax Typhoon botnet powered by hacked consumer devices. The post US Disrupts ‘Raptor Train’ Botnet of Chinese APT Flax Typhoon (https://www.securityweek.com/us-disrupts-raptor-train-botnet-of-chinese-apt-flax-typhoon/) appeared first on SecurityWeek (https://www.securityweek.com/).

GitLab Patches Critical Authentication Bypass Vulnerability https://www.securityweek.com/gitlab-patches-critical-authentication-bypass-vulnerability/ GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances. The post GitLab Patches Critical Authentication Bypass Vulnerability (https://www.securityweek.com/gitlab-patches-critical-authentication-bypass-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities https://www.securityweek.com/cisa-fbi-urge-organizations-to-eliminate-xss-vulnerabilities/ CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them. The post CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities (https://www.securityweek.com/cisa-fbi-urge-organizations-to-eliminate-xss-vulnerabilities/) appeared first on SecurityWeek (https://www.securityweek.com/).

Chrome 129 Patches High-Severity Vulnerability in V8 Engine https://www.securityweek.com/chrome-129-patches-high-severity-vulnerability-in-v8-engine/ Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine. The post Chrome 129 Patches High-Severity Vulnerability in V8 Engine (https://www.securityweek.com/chrome-129-patches-high-severity-vulnerability-in-v8-engine/) appeared first on SecurityWeek (https://www.securityweek.com/).

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach https://www.securityweek.com/att-to-pay-13-million-in-settlement-over-2023-data-breach/ AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach at a third-party vendor’s cloud environment. The post AT&T to Pay $13 Million in Settlement Over 2023 Data Breach (https://www.securityweek.com/att-to-pay-13-million-in-settlement-over-2023-data-breach/) appeared first on SecurityWeek (https://www.securityweek.com/).