Funding raised by cybersecurity firms increased to $9.5 billion last year amid a decrease in funding volume, a new report from cybersecurity recruitment firm Pinpoint Search Group shows. The company tracked 304 funding rounds in 2024, 16% fewer compared to the 346 tracked during the previous year, but the raised amount went up 9% year-over-year, […]
The insider threat is a simple term for a mammoth and complex problem. It ranges from national security through theft of corporate intellectual property to malicious harm and accidental incompetence. Here we concentrate on the malicious insider threat. This involves foreign agents, legitimate but malcontent staff, criminally-bribed employees, and more. Just as these threats are […]
The federal government is rolling out a consumer labeling system designed to help Americans pick smart devices that are less vulnerable to hacking. Under the voluntary program, called the US Cyber Trust Mark Initiative, manufacturers can affix the label on their products if they meet federal cybersecurity standards. The types of devices that can seek […]
The US cybersecurity agency CISA on Tuesday warned that two recently disclosed vulnerabilities affecting the Mitel MiCollab enterprise collaboration platform have been exploited in attacks. The two security defects, tracked as CVE-2024-41713 and CVE-2024-55550, are described as path traversal issues that impact versions 9.8 SP1 FP2 (9.8.1.201) and earlier of Mitel MiCollab. CVE-2024-41713 (CVSS score […]
Google and Mozilla on Tuesday announced the release of fresh security updates that patch several high-severity vulnerabilities in their popular browsers. Google has released a Chrome 131 update that resolves four security defects, including a high-severity type confusion flaw in the V8 JavaScript engine reported by an external researcher. Tracked as CVE-2025-0291, the externally reported […]
Google on Monday announced the first set of Android security updates for 2025, which include patches for 36 vulnerabilities, including five critical-severity bugs in the System component. As usual, the update is divided into two parts, with the first arriving on devices as the 2025-01-01 security patch level and containing fixes for 24 vulnerabilities in […]
Software code analysis firm Veracode on Tuesday announced the acquisition of key assets from Phylum, an early stage startup in the software supply chain space. Financial terms of the transaction were not released. The Burlington, Mass.-based Veracode said the deal included certain Phylum assets, including its malicious package analysis, detection, and mitigation technology. Phylum, based in […]
Building on my previous column, I will dive into part deux, going deeper into the application of Generative AI and how we should think about safety and security as a risk management problem. Where do security, privacy and safety intersect? Well, sometimes they are combined into one general overarching function that tries to address everything, […]
Former NSA director Rob Joyce has joined venture capital firm DataTribe as a venture partner to help identify and grow early-stage startups focused on cybersecurity. DataTribe, which describes itself as a cyber startup foundry, said Joyce will be a venture partner tasked with finding entrepreneurs developing new and emerging technologies for cyber defense. Joyce, who […]
The U.S. Defense Department has added dozens of Chinese companies, including games and technology company Tencent, artificial intelligence firm SenseTime and the world’s biggest battery maker CATL, to a list of companies it says have ties to China’s military, prompting some to protest and say they will seek to have the decision reversed. In recent […]