Latest Cybersecurity News and Articles
31 January 2025
Broadcom has released security updates to patch five security flaws impacting VMware Aria Operations and Aria Operations for Logs, warning customers that attackers could exploit them to gain elevated access or obtain sensitive information.
The list of identified flaws, which impact versions 8.x of the software, is below -
CVE-2025-22218 (CVSS score: 8.5) - A malicious actor with View Only Admin
31 January 2025
Clutch Security has raised $20 million in a Series A funding round led by SignalFire to secure non-human identities.
The post Clutch Security Raises $20 Million for Non-Human Identity Protection Platform appeared first on SecurityWeek.
30 January 2025
What challenges will the new administration face and what might President Trump’s record on cybersecurity indicate about the likely approach in 2025 and beyond?
The post Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape appeared first on SecurityWeek.
30 January 2025
The lawsuit said that the combination of businesses would eliminate competition, raise prices and reduce innovation.
The post Justice Department Sues to Block $14 Billion Juniper Buyout by Hewlett Packard Enterprise appeared first on SecurityWeek.
30 January 2025
VMWare calls attention to patches for multiple 'high-risk' security defects in its Aria Operations and Aria Operations for Logs products.
The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
30 January 2025
Backed by SYN Ventures, Conifers.ai plans to use “agentic AI” technology to tackle complex security operations center (SOC) problems.
The post Conifers.ai Scores $25M Investment for Agentic AI SOC Technology appeared first on SecurityWeek.
30 January 2025
Valence Security and Endor Labs have introduced extensions to their existing platforms specifically to tackle the invisibility and wrongful use of Shadow AI.
The post Taming Shadow AI: Valence Security, Endor Labs Unveil New Protections to Counter Hidden AI Threats appeared first on SecurityWeek.
30 January 2025
Backline has emerged from stealth mode with an autonomous security remediation platform and $9 million in seed funding.
The post Backline Emerges From Stealth With $9M in Funding for Vulnerability Remediation Platform appeared first on SecurityWeek.
30 January 2025
In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit -- a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" -- highlights a persistent whac-a-mole problem facing cloud services.
30 January 2025
Better risk management could lead to reduced premiums on top of value for money, making cyberinsurance a silent driver for improved cybersecurity.
The post Cyber Insights 2025: Cyberinsurance – The Debate Continues appeared first on SecurityWeek.
30 January 2025
Over 57 distinct threat actors with ties to China, Iran, North Korea, and Russia have been observed using artificial intelligence (AI) technology powered by Google to further enable their malicious cyber and information operations.
"Threat actors are experimenting with Gemini to enable their operations, finding productivity gains but not yet developing novel capabilities," Google Threat
30 January 2025
Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders.
The post Seraphic Attracts $29M Investment to Chase Enterprise Browser Business appeared first on SecurityWeek.
30 January 2025
The New York State Department of Financial Services has declared that PayPal will pay $2M in a settlement.
30 January 2025
President Donald Trump has yet to name anyone to lead the U.S. Cybersecurity and Infrastructure Security.
The post US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration appeared first on SecurityWeek.
30 January 2025
An international law enforcement operation has dismantled the domains associated with various online platforms linked to cybercrime such as Cracked, Nulled, Sellix, and StarkRDP.
The effort has targeted the following domains -
www.cracked.io
www.nulled.to
www.mysellix.io
www.sellix.io
www.starkrdp.io
Visitors to these websites are now greeted by a seizure banner that says they were confiscated
30 January 2025
TeamViewer has released patches for a high-severity elevation of privilege vulnerability in its client and host applications for Windows.
The post TeamViewer Patches High-Severity Vulnerability in Windows Applications appeared first on SecurityWeek.
30 January 2025
Several cybercrime websites have been seized in a law enforcement operation, including Nulled, Cracked, Sellix, and StarkRDP.
The post Nulled, Other Cybercrime Websites Seized by Law Enforcement appeared first on SecurityWeek.
30 January 2025
Cybersecurity researchers have disclosed a critical security flaw in the Lightning AI Studio development platform that, if successfully exploited, could allow for remote code execution.
The vulnerability, rated a CVSS score of 9.4, enables "attackers to potentially execute arbitrary commands with root privileges" by exploiting a hidden URL parameter, application security firm Noma said in a
30 January 2025
Maryland healthcare provider Frederick Health has taken some of its systems offline in response to a ransomware attack.
The post Frederick Health Hit by Ransomware Attack appeared first on SecurityWeek.
30 January 2025
Law firm Berman & Rabin says 152,000 people are impacted by a data breach resulting from a July 2024 ransomware attack.
The post 152,000 Impacted by Data Breach at Berman & Rabin appeared first on SecurityWeek.