Thousands of virtual network computing instances have been found exposed online without the need for authentication, potentially allowing attackers to gain access to and take over networks easily. As detailed Friday by researchers at Cyble Inc., the issue is how VNC uses the Remote Frame Buffer protocol to provide control of a remote machine over a ...

Zoom Video Communications Inc. today issued a patch for a vulnerability revealed by security researcher Patrick Wardle at the annual DEF CON Conference last week. The vulnerability, named CVE-2022-28756, was found in Zoom for macOS versions 5.7.3 to 5.11.3 and potentially allowed an attacker to gain access and take over an Apple Inc. computer through Zoom’s ...

Michigan healthcare provider Priority Health has suffered a data breach affecting about 120,000 members. The data breach did not target the health provider directly but a third-party vendor, Warner Norcoss & Judd LLP. The breach occurred in October and is described in a press release as unauthorized activity involving some systems. Priority Health is Michigan’s ...

Cisco Systems Inc. today confirmed that its network was breached in a ransomware attack in May. The attack was undertaken by the Yanluowang ransomware gang, which then attempted to extort Cisco with the threat that if a ransom wasn’t paid, the stolen files would be released. “Cisco experienced a security incident on our corporate network in ...

A new report from PitchBook finds that the median pre-money valuation on early-stage startups is declining amid economic uncertainty and investor caution, with other venture capital sectors showing mixed results. PitchBook venture capital analysts found that there are signs of decline across the board, though the venture capital ecosystem has so far weathered the economic ...

U.K. authorities are investigating distributed denial-of-service attacks that have targeted cryptocurrency exchange Currency Com Global LLC, better known as Currency.com. The attacks started in April after the founder of Currency.com founder Viktor Prokopenya announced the company was pulling out of Russia in protest against the invasion of Ukraine, MSN reports. Prokopenya condemned the invasion as “Russian ...

A prominent Russian hacking group is claiming to have attacked and taken offline websites run by U.S. aerospace manufacturer Lockheed Martin Corp. Killnet, which was previously in the news in June after taking responsibility for a distributed denial-of-service attack targeting organizations in Lithuania, claims that it targeted Lockheed Martin in a similar DDoS attack, knocking ...

Cloud data protection startup Nightfall AI said today it has raised $40 million in new funding to extend its reach, expand its integration and partner ecosystem, and develop new products. WestBridge Capital led the Series B round. Bain Capital Ventures, Venrock, Pear VC and several individual investors, including actor Paul Rudd, also participated. Including the new round, ...

Researchers at S.C. Bitdefender SRL today detailed multiple severe security issues on the Device42 Inc. platform that opens the door to attackers. Device42 offers devices for discovery, asset management and dependency mapping for data centers and the cloud. The vulnerabilities were found in an audit of a Device42 appliance within two instances of the application — ...

Cybersecurity platform provider Cybereason Inc. today launched a new mobile app that allows customers to respond from their phone to potential cyber threats anywhere in the world. The Cybereason Managed Detection and Response Mobile App provides instant access to the Cybereason MDR Dashboard, allowing customers to address possible threats immediately and connect 24X7 with the Cybereason Global ...