Axonius Banks $200 Million in Late-Stage Funding

March 5, 2024 at 09:48AM Axonius, a leading player in attack surface management, secured $200 million in late-stage funding, bringing its total raised to $600 million. The Series E extension was led by existing investors and aimed to accelerate global expansion. The company provides a cybersecurity asset management product and has achieved $100 million in …

Investment Firm Team8 Raises Additional $500 Million

March 5, 2024 at 09:48AM Investment firm Team8 raised $500 million, bringing its total assets to over $1 billion. It specializes in venture creation and venture capital, with a focus on cybersecurity and expanding into data, AI, fintech, and digital health. The new funds will be divided into three separate funds, supporting its unique venture …

ScreenConnect flaws exploited to drop new ToddlerShark malware

March 5, 2024 at 09:39AM North Korean APT group Kimsuky exploits ScreenConnect flaws CVE-2024-1708 and CVE-2024-1709 to spread new malware variant ToddlerShark. The group uses legitimate Microsoft binaries, registry modifications, and scheduled tasks for persistent access and data exfiltration. ToddlerShark, a polymorphic malware, exhibits evasion techniques, making detection and analysis challenging. Kroll plans to share …

Rapid7 throws JetBrains under the bus for ‘uncoordinated vulnerability disclosure’

March 5, 2024 at 08:19AM Rapid7 accused JetBrains of silently patching two critical vulnerabilities in the TeamCity CI/CD server, despite Rapid7’s policy against such actions. JetBrains’ attempt to release patches before publicly disclosing was met with Rapid7’s refusal. JetBrains later released patches without informing researchers, leading to criticism from the infosec community. From the meeting …

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa & Asia

March 5, 2024 at 08:15AM Cybercriminals are conducting widespread attacks across the Middle East, Africa, and Asia using the new GhostLocker 2.0 ransomware. Affected organizations include technology companies, universities, manufacturing, transportation, and government organizations. The attackers demand payment for decryption keys and threaten to release stolen data if their demands are not met. Cisco Talos …

Critical Vulnerability Exposes TeamCity Servers to Takeover

March 5, 2024 at 07:06AM JetBrains has released patches for critical authentication bypass vulnerabilities in its TeamCity build management server. Tracked as CVE-2024-27198 and CVE-2024-27199, these flaws allow unauthenticated attackers to gain full control of the server, execute arbitrary code, and access sensitive information. A security fix is available in TeamCity version 2023.11.4. Customers are …

What is Exposure Management and How Does it Differ from ASM?

March 5, 2024 at 06:45AM Startups and mid-market businesses heavily rely on cloud services, leading to a complex and distributed attack surface that’s challenging to monitor and secure. Exposure management in cybersecurity aims to provide visibility and prioritize vulnerabilities to reduce business risks. Intruder offers automated vulnerability management to discover and prioritize weaknesses across the …

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

March 5, 2024 at 06:45AM Group-IB findings show over 225,000 compromised OpenAI ChatGPT credentials up for sale on underground markets. The credentials were linked to LummaC2, Raccoon, and RedLine malware, with a 36% increase in infiltrated hosts between June and October 2023. Nation-state actors are using AI and large language models for cyber attacks, posing …

Critical TeamCity Bugs Endanger Software Supply Chain

March 4, 2024 at 06:09PM TeamCity’s cloud versions are already patched against new critical vulnerabilities, but on-premises deployments require immediate patching, warns the vendor. The platform, used by major organizations including Citibank and Nike, manages the software development CI/CD pipeline. The vulnerabilities (CVE-2024-27198 and CVE-2024-27199) could enable threat actors to bypass authentication and gain admin …

Zero-Click GenAI Worm Spreads Malware, Poisoning Models

March 4, 2024 at 06:02PM A worm known as “Morris II” exploits generative AI (GenAI) apps to propagate malware, stealing information, spreading spam, and more. Israeli researchers demonstrated how adversarial self-replicating prompts can manipulate AI, infecting systems via email and images. This presents a new threat to AI security, similar to injection attacks in computing’s …