Microsoft Corp. President Brad Smith said before a House Committee on Homeland Security hearing today that the company acknowledges its past security shortcomings and detailed new initiatives to bolster defenses. The testimony came as a former employee claimed that Microsoft ignored his warnings about vulnerabilities in Active Directory, which ultimately led to the hack of ...

A new report out today from artificial intelligence-powered security engineering startup CardinalOps Ltd. has found that enterprise security information and event management tools are falling short in detecting cyberthreats. The report, based on the analysis of 3,000 detection rules and 1.2 million log sources from major SIEMs, including Splunk Inc., Microsoft Sentinel, IBM QRadar and ...

A new report released today by the Threat Hunter Team at Symantec warns that attackers linked to the Black Basta ransomware gang may be exploiting a recently patched Windows privilege escalation vulnerability. The vulnerability, designated CVE-2024-26169, is found in the Windows Error Reporting Service and if exploited, can permit attackers to elevate their privileges. The vulnerability was ...

Life360 Inc., the company that owns the Tile location tracking company, has disclosed that it has recently become a victim of a “criminal extortion attempt” relating to stolen data. Similarly to Apple Inc. and its AirTag, Tile produces small Bluetooth-enabled devices that help users locate and track items such as keys, wallets and bags. The ...

Terraform Labs Pte. Ltd. and its co-founder, Do Kwon, have agreed to pay $4.47 billion to settle a lawsuit brought against them by the U.S. Securities and Exchange Commission following the collapse of its TerraUSD and Luna token in 2022. The details of the settlement were listed in a court filing, which states that Terraform ...

The Rust Foundation, which supports the development of the popular open-source Rust programming language, joined with several prominent organizations today to launch of the Safety-Critical Rust Consortium, a new organization that aims to promote the responsible use of Rust in safety-critical software. Along with the Rust Foundation, the Rust Consortium’s founding members include Ada Core Technologies ...

A new report released today by phishing detection and response solutions company Cofense Inc. is warning that a remote access trojan first detected in 2020 is currently running wild and being increasingly used in phishing malware campaigns. The RAT in question is called STR RAT and is mostly delivered directly via email as opposed to an embedded ...

Secure computation platform startup Pyte announced today that it has raised $5 million in new funding to commercialize its technology in new industries, with a primary focus on highly regulated sectors such as financial services and healthcare. Founded in 2020, Pyte offers security data collaboration solutions that allow organizations to collaborate on sensitive data while ...

Multicloud networking sofware company Prosimo Inc. today announced a new integration with Palo Alto Networks Inc. to bring zero trust to application workloads and multicloud environments. The partnership sees Prosimo’s Full Stack Cloud Transit platform now integrating with Palo Alto’s VM-Series Virtual Next-Generation Firewall, allowing enterprises to deploy security as close as possible to the ...

BlackBerry Ltd.-owned cybersecurity company Cylance has suffered a data breach, with the stolen data appearing for sale on the infamous hacking forum BreachForums. First reported June 7 by Dark Web Informer on X Inc., the data is listed for sale by well-known BreachForums hacker “Sp1d3r” for $750,000. The listing on BreachForums claims to include 34 ...