A U.S. Internal Revenue Service-approved tax filing site called eFile.com has been found to be delivering malware to users for weeks. Suspicions that the site was serving malware first appeared on Reddit on March 18, with confirmation provided by security researcher Johannes Ullrich on April 3. Users reported that while using the site, they were ...

Content delivery network and cloud services provider Akamai Technologies Inc. today introduced an updated managed security service program and introduced a new premium service offering to help protect customers from cyberattacks. The new capabilities help customers protect their businesses round the clock from sophisticated attacks with proactive monitoring and rapid response in the event of a cyberattack. ...

A new report today from big-data analytics company Splunk Inc. reveals that security leaders continue to see an increase in cyberattacks and unplanned outages. According to the Splunk State of Security 2023 report, 52% of organizations say they have suffered a data breach in the past two years, an increase from 49% in 2022 and 39% in 2021. Some 62% ...

Software-as-a-service buying and management solution startup Spendflo Inc. today announced that it has raised $11 million in new funding to fuel product growth and accelerate global expansion with a strong focus on expanding in North America. Founded in 2021, Spendflo offers an all-in-one platform to buy, manage and secure SaaS. Its Buying Hub streamlines the SaaS procurement ...

A new report today from cybersecurity company Netscout Systems Inc. reveals a staggering increase in application-layer and botnet-based direct-path attacks. Netscout’s 5th Anniversary DDoS Threat Intelligence Report found that the number of attacks has jumped by 487% since 2019, with the most significant surge occurring in the second half of 2022. Much of the increase comes from ...

Cybersecurity firm Fortinet Inc. today made several announcements that enhance its offerings in the networking and security markets. The innovations include new products, capabilities and updates to the flagship Network Security Expert Certification program. Leading with unified management and analytics across the entire hybrid network, Fortinet’s latest innovations enable unified management and analytics across its secure networking portfolio. ...

Cybersecurity platform provider Cybereason Inc. today announced that it has raised $100 million in new funding from SoftBank Group Corp. to support its global growth and advance its innovation in extended detection and response, endpoint detection and response and endpoint protection platform solutions. Founded in 2012, Cybereason offers an automated EDR platform that identifies elements of cyber attacks ...

Cloud security startup Obsidian Security Inc. today announced the release of its latest suite of software-as-a-service security solutions. Obsidian’s three new services, Compliance Posture Management, Integration Risk Management and Extend, enable security and government, risk and compliance teams to increase their SaaS security and compliance posture measurably. Leading the releases, Compliance Posture Management is designed to ...

Elastic N.V. today announced expanded capabilities for Elastic Security, including cloud security posture management for Amazon Web Services, container workload security and cloud vulnerability management. The new releases build on Elastic’s previously released Kubernetes security posture management and Cloud Workload Protection Platform capabilities to deliver what the company claims to be the only security analytics ...

A new comprehensive toolset for harvesting credentials across multiple cloud services providers has been spotted in the wild being distributed on Telegram. Detailed today by researchers at SentinelLabs, the “AlienFox” toolset is described as a cloud spammer’s “Swiss Army knife” thanks to its ability to attack multiple services in numerous ways. Attackers use AlienFox to ...