The Series B funding was led by Critical Ventures and SineWave Venture Partners, with other key investors joining in to support RunSafe’s mission to protect critical systems from global threats.
Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks.
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant’s threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832). “Vanilla Tempest receives hand-offs from GootLoader infections by […]
GitLab has released a critical security patch for the CVE-2024-45409 vulnerability (CVSS 10). It impacts both GitLab Community Edition (CE) and Enterprise Edition (EE) and originates from the Ruby-SAML library used for SAML authentication.
Security researcher Sina Kheirkhah has published a PoC exploit for CVE-2024-40711 in Veeam Backup & Replication, a critical vulnerability with a CVSS score of 9.8. The flaw allows unauthenticated RCE, posing a threat to enterprise environments.
Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage.
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user within the vulnerable system. It was addressed […]