The fundraising software company Blackbaud agreed Thursday to pay $49.5 million to settle claims brought by the attorneys general of 49 states and Washington, D.C., related to a 2020 data breach that exposed sensitive information from 13,000 nonprofits. Health information, Social Security numbers and the financial information of donors or clients of the nonprofits, universities, […]
ESET researchers have uncovered a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, most notably a publicly undocumented backdoor we named LightlessCan. Lazarus operators obtained initial access to the company’s network last year after a successful spearphishing campaign, masquerading as a recruiter for Meta – the company behind Facebook, […]
A spearphishing campaign targeting management teams associated with an Azerbaijanian company exploits the conflict between Azerbaijan and Armenia, using malware disguised as an infected memo to gather basic computer information from its targets.
Cloud detection and response company Gem Security today announced that it has raised a $23 million Series A round led by GGV Capital, with participation from IBM Ventures and Silicon Valley CISO Investments. It was only in February that Gem announced its $11 million seed round led by Team8, which also participated in this new […]
Multinational technology company Sony has allegedly been the victim of a data breach, with various hacking gangs attempting to take credit for the hack. The company has said it is investigating the claims made by multiple malicious groups which saw 3.14GB of data allegedly belonging to Sony posted on dark web hacking sites. Extortion group […]
Multinational technology company Sony has allegedly been the victim of a data breach, with various hacking gangs attempting to take credit for the hack. The company has said it is investigating the claims made by multiple malicious groups which saw 3.14GB of data allegedly belonging to Sony posted on dark web hacking sites. Extortion group […]
Stratascale, an SHI company, announced the acquisition of Vector0, an Attack Surface Management (ASM) provider. Through the acquisition, Stratascale professionals and their customers gain visibility of attack vectors and points of vulnerability, enhancing Stratascale’s ability to deliver proactive cybersecurity services. “Vector0 enables us to offer a comprehensive and proactive approach to Attack Surface Validation (ASV), […]
Telecommunications company T-Mobile has been accused of two data breaches – one caused by a “system glitch” that accidentally exposed the personal information of its customers and the other that allegedly exposed employee personal information. The data breach was recognized by customers on September 20, who noticed that, upon logging into the T-Mobile app, that […]
Legit Security, a cybersecurity company developing a platform to identify app vulnerabilities from code, has raised $40 million in a Series B funding round led by CRV with participation from Cyberstarts, Bessemer Venture Partners and TCV. Co-founder and CEO Roni Fuchs says that the funds, which bring Legit’s total raised to $77 million, will be […]