Security News > 2021

ThreatQuotient announced it has closed $22.5 million in new financing, including a combination of equity and debt financing. ThreatQuotient plans to leverage this financing to accelerate execution of new innovations currently in development.

Researchers on Tuesday revealed details of a new banking trojan targeting corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government. "These pop-ups contain fake forms, aiming to trick the malware's victims into entering their banking credentials and personal information that the malware captures and exfiltrates to its servers," ESET researchers Facundo Muñoz and Matías Porolli said in a write-up.

The funding comes as Cyble graduates from Y Combinator, which accepted Cyble into its Winter 2021 cohort and provided pre-seed funding in January of this year. "As we continue to deliver what modern organizations need, the seed funding reaffirms our strategy and vision. It will enable Cyble to onboard resources and scale our SaaS platform, Cyble Vision, in lock step with our rapidly growing client base," says Manish Chachada, COO and Co-founder of Cyble.

The Dutch Data Protection Authority - the country's data protection regulator - has fined online travel and hotel booking company Booking.com almost half a million Euros over a data breach. The Dutch Data Protection Authority has imposed a €475,000 fine on Booking.com because the company took too long to report a data breach to the DPA. When the breach occurred, criminals obtained the personal data of over 4,000 customers.

Splunk announced the appointment of Teresa Carlson, an executive with more than 25 years of industry experience and expertise in leading complex business transformations for premier SaaS, data management and cloud businesses, to the newly created role of President and Chief Growth Officer, effective April 19, 2021. Reporting to Doug Merritt, President and CEO, Carlson will lead and work closely with Splunk's sales, customer success and marketing leaders to align and drive the Company's ongoing business transformations across Splunk's go-to-market business segments.

Windows XP reached its end of life on April 8th, 2014, and even though it no longer receives security updates, more people use XP than Windows Vista, according to StatCounter and BleepingComputer's website visitor stats. According to StatCounter, Windows XP is used by 0.84% of the people running Windows, doubling Windows Vista's current usag.

Cyber attackers are actively setting their sights on unsecured SAP applications in an attempt to steal information and sabotage critical processes, according to new research. "Observed exploitation could lead in many cases to full control of the unsecured SAP application, bypassing common security and compliance controls, and enabling attackers to steal sensitive information, perform financial fraud or disrupt mission-critical business processes by deploying ransomware or stopping operations," cybersecurity firm Onapsis and SAP said in a joint report published today.

SAP and security analysts Onapsis say cyber-criminals are pretty quick to analyze the enterprise software outfit's patches and develop exploits to get into vulnerable systems. In a joint report issued by the two organizations, Mariano Nunez, CEO of Onapsis, cited "Conclusive evidence that cyberattackers are actively targeting and exploiting unsecured SAP applications," and warned time was of the essence, reporting "SAP vulnerabilities being weaponized in less than 72 hours since the release of patches."

A critical security vulnerability in the VMware Carbon Black Cloud Workload appliance would allow privilege escalation and the ability to take over the administrative rights for the solution. The VMware Carbon Black Cloud Workload platform is designed to provide cybersecurity defense for virtual servers and workloads that are hosted on the VMware's vSphere platform.

Stolen videos captured by tens of thousands of security cameras at private properties throughout China are now for sale across social media, marketed as sex tapes. The stolen security video clips are packaged together and sold as "Home video packages" the Post reported.