Security News > 2021 > March

Axonius announced it has raised $100 million in Series D funding, led by Stripes, a leading New York-based growth equity firm, as well as participation from existing investors Bessemer Venture Partners, OpenView, Lightspeed, and Vertex. "With its commitment to solving a fundamental challenge with a simple, powerful platform that collects and correlates data from hundreds of products its customers already use, Axonius has built one of the most beloved products in security."

An artificial intelligence commission led by former Google CEO Eric Schmidt is urging the U.S. to boost its AI skills to counter China, including by pursuing "AI-enabled" weapons - something that Google itself has shied away from on ethical grounds. "We have to develop technology that preserves our Western values, but we have to be prepared for a world in which not everyone is doing that," said Andrew Moore, a commissioner and the head of Google Cloud AI. The group has the ear of top lawmakers from both parties, but has attracted criticism for including many members who work for tech companies with big government contracts, and who thus have a lot at stake in federal rules on emerging technology.

Trulioo announced the appointment of Hal Lonas as its chief technology officer. Lonas joins Trulioo's senior leadership team to help accelerate the company's next stage of growth and innovation.

GyanSys has hired Anand Aboti as the company's first Chief Business Officer. Aboti will be responsible for driving global business growth, expanding referenceable customer success, and strengthening alliances with strategic partners including SAP, Salesforce, and Microsoft.

Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal. Voisin found the two working Linux and Windows exploits on the online VirusTotal malware analysis platform.

In its' Mobile Malware Evolution 2020, Kaspersky documents the current mobile threat landscape and identifies 2021 mobile security trends. "We saw a decrease in the number of attacks in the first half of the year, which can be attributed to the confusion of the first months of the pandemic," wrote Victor Chebyshev, a mobile security researcher at Kaspersky and author of the report.

A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter has confirmed the data breach to both BleepingComputer and Troy Hunt of Have I Been Pwned, who spoke to the company's owner after receiving the database.

The CEO of Gab, a social network favored by the US political right, said the platform had been attacked by "Demon hackers" after an activist group released user data described as an important resource for research on the far right. The activist group called DDoSecrets Collective released the data over the weekend to Wired magazine, claiming it offered "a record of the culture" related to the violent siege of the US Capitol on January 6.

The Gootloader malware loader, previously used for distributing the Gootkit malware family, has undergone what researchers call a "Renaissance" when it comes to payload delivery. New research released this week paints Gootloader as an increasingly sophisticated loader framework, which has now expanded the number of payloads its delivers beyond Gootkit, to include the Kronos trojan and the Cobalt Strike commodity malware.

Security researchers at Recorded Future have spotted a suspected Chinese APT actor targeting a wide range of critical infrastructure targets in India, including power plants, electricity distribution centers and Indian seaports. Despite these overlaps with known APT actors, Recorded Future said it will contrinue to track the group as a distinct actor because there isn't enough evidence to firmly attribute the activity to a singular group.