March 26, 2024 at 11:00AM Bedrock Security, a Silicon Valley startup, has received $10 million in seed-stage funding led by Greylock Partners. The company is developing technology to help companies manage risks associated with cloud and generative-AI products. Their focus is on discovering, managing, and protecting sensitive data using AI Reasoning (AIR) Engine to understand … Read more
March 25, 2024 at 03:00PM Leen Security secures $2.8 million pre-seed funding from 11.2 Capital, Inner Loop Capital, and Preface Ventures. The company aims to streamline cybersecurity by developing a unified data API to address the chaos caused by the use of numerous security tools and vendors. Leen aspires to be the central hub for … Read more
March 25, 2024 at 02:28PM CISA and FBI advised technology manufacturing executives to conduct formal software reviews and implement mitigations to eliminate SQL injection (SQLi) vulnerabilities. SQL injection attacks enable unauthorized access to sensitive data and can lead to data breaches and system takeover. They recommend using parameterized queries with prepared statements as a secure … Read more
March 25, 2024 at 05:33AM The Library of Alexandria is often misunderstood as being burned down by barbarians, but it actually suffered from political and resource-related challenges. Similarly, the recent Rhysida ransomware attack on the British Library highlights the critical importance of effective IT management and the potential consequences of failure to do so. The … Read more
March 22, 2024 at 11:06AM A new side-channel vulnerability, GoFetch, has been discovered in Apple Silicon processors, allowing malicious apps to extract cryptographic keys by exploiting the DMP feature. The vulnerability affects Apple M1, M2, and M3 chips, as well as Intel’s 13th Gen Raptor Lake microarchitecture. Disabling DMP may degrade performance, and third-party cryptographic … Read more
March 21, 2024 at 07:42AM In today’s digital-first business environment, organizations increasingly rely on third-party vendors for cloud services. Nudge Security offers security profiles for over 97,000 SaaS apps, aiding in vendor risk management by accelerating security reviews, providing app directories for employees, expediting evaluations, and offering breach alerts. Nudge Security’s flexible model aims to … Read more
March 20, 2024 at 10:41AM Robert Purbeck, a cyberattacker and extortionist of a medical center, pleaded guilty to federal computer fraud and abuse charges in the US. Using aliases “Lifelock” and “Studmaster,” he stole personal data from over 132,000 people and targeted 18 organizations, including medical clinics, for ransom. He is due to pay $1 … Read more
March 20, 2024 at 07:30AM Join industry experts Elad Schulman and Nir Chervoni in a webinar discussing the opportunities and risks of Generative AI. Learn about its transformative potential, security challenges, and effective strategies for securing GenAI applications. This session is essential for IT professionals, security experts, and business leaders navigating the complexities of Generative … Read more
March 19, 2024 at 09:48PM An Australian IT contractor has been sentenced to 30 months in jail for defrauding the National Maritime Museum of over AU$66,000. Using his role as an IT support worker, he illegally accessed the museum’s accounts payable system, making purchases and changing bank account details to his own. The case was … Read more
March 19, 2024 at 09:57AM BigID, a data security provider, raised $60 million in a growth funding round, totaling $320 million and surpassing a $1 billion valuation. The funding, led by Riverwood Capital, aims to enhance organic and inorganic growth. BigID offers various solutions such as data discovery, security management, and privacy for enterprises. Additionally, … Read more