Microsoft on Thursday announced significantly disrupting the ONNX phishing service and made public the name of an Egyptian man who allegedly runs it.  According to the tech giant, an individual named Abanoub Nady (aka MRxC0DER) has developed and sold phishing kits under the ONNX brand.  Nady was previously unmasked by dark web monitoring platform Dark […]

Generative AI security startup Prompt Security on Wednesday announced raising $18 million in Series A funding, which brings the total raised by the company to $23 million. The new funding round was led by Jump Capital, with additional support from Hetz Ventures, Ridge Ventures, Okta, and F5. The Tel Aviv, Israel-based firm emerged from stealth […]

A Thai court on Thursday threw out a lawsuit brought by a pro-democracy activist which alleged spyware produced by an Israeli tech firm had been used to hack his phone. The Civil Court in Bangkok said Jatupat Boonpattararaksa had failed to show sufficient proof that his phone was infected with Pegasus spyware produced by NSO […]

Trustero, a provider of AI-powered security and compliance solutions, announced the close of a $10.35 million Series A funding round on Thursday. Founded in 2020, Trustero’s Compliance-as-a-Service (CaaS) platform can streamline audits and leverage artificial intelligence to help organizations establish and manage regulatory compliance, including vulnerability assessment and security risk analysis. The company emerged from […]

The number of internet-exposed Palo Alto Networks firewalls has been dropping, but roughly 2,000 devices have already been compromised, according to the Shadowserver Foundation. Palo Alto Networks learned about a potential PAN-OS zero-day in early November and confirmed in-the-wild exploitation of a new vulnerability on November 15. On November 18, the security firm announced the […]

Hotshot cloud security vendor Wiz on Thursday announced a deal to acquire Dazz, adding an AI-powered cloud security remediation engine to its suite of enterprise products. Financial terms of the deal were not released but industry sources confirm the price tag is in the range of $450 million. Dazz, based in Israel, raised about $110 […]

Microsoft used the spotlight of its Ignite conference this week to introduce a new Quick Machine Recovery tool to help organizations remotely rebuild computer systems after major crises like the CrowdStrike outage earlier this year. The software maker said the feature will enable IT administrators to execute “targeted fixes” from Windows Update, even when machines […]

The owner of the RSA Conference wants to buy a slice of every cybersecurity startup that makes it to the final of its annual Innovation Sandbox event. The conference, which is owned by Crosspoint Capital Partners, on Thursday announced it will make a $5 million investment a prerequisite for each of the 10 finalists at […]

The MITRE Corporation has updated its Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses list, which reflects the latest trends in the cyber threat landscape. The list provides information on the most common and impactful weaknesses that threat actors exploit in attacks to take over systems, steal sensitive information, and cause disruptions. Cross-site […]

Worldwide there are more than 145,000 internet-exposed industrial control systems (ICS), according to internet intelligence platform provider Censys.  The company’s latest ‘State of the Internet’ report also reveals that the devices are spread out across 175 countries, with 38% of them located in North America, 35% in Europe and 22% in Asia.  In the United […]