The AI-powered cybersecurity vendor is aiming for a 2025 IPO after achieving a $5.1 billion valuation, Abnormal Security CEO Evan Reiser tells CRN. Abnormal Security plans to use its newly announced funding infusion of $250 million to advance its cybersecurity platform powered by behavioral AI technologies and work toward going public late next year, Co-founder…
Read More
Aug 06, 2024The Hacker NewsSaaS Security / Threat Detection Everyone loves the double-agent plot twist in a spy movie, but it’s a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were…
Read More
Aug 06, 2024Ravie LakshmananMalware / Windows Security The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package registry with the aim of infecting Windows systems, underscoring the persistent nature of their campaigns. The packages in question, harthat-api and harthat-hash, were published on July 7, 2024,…
Read More
A massive cyberattack targeting Mobile Guardian, a UK-based mobile device management (MDM) firm, has caused widespread disruption to schools and businesses worldwide, including North America, Europe, and Singapore. The incident has resulted in the loss of data and remote wiping of iOS and ChromeOS devices for thousands of users. Mobile Guardian has acknowledged the global…
Read MoreA Better Investigatory Board for Cyber Incidents When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike’s faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to the tune of billions of…
Read More
Aug 06, 2024Ravie LakshmananAndroid / Malware Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid…
Read More
In the world of cybersecurity, as everywhere else, AI and generative AI are top of mind. Malicious actors are using AI and genAI to create more insidious malware, more convincing phishing emails, and more realistic deepfakes. At the same time, vendors are fighting back by incorporating AI capabilities into their cybersecurity tools. The goal is…
Read More
Ransomware Response: Best Practices for Businesses Becoming the target of a ransomware attack is something no organization likes to think about, but it’s increasing likely for many firms. According to Statista, almost three-quarters of businesses (72.7 percent) were affected by ransomware last year. This means it’s essential for every company to make a ransomware response…
Read More
Aug 06, 2024Ravie LakshmananMobile Security / Vulnerability Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. “There are indications that CVE-2024-36971 may be under limited, targeted…
Read More
Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve remote code execution on affected instances. Tracked as CVE-2024-38856, the flaw has a CVSS score of 9.8 out of a…
Read More