The U.S. Department of Homeland Security is offering payments of up to $5,000 under a bug bounty program called “Hack DHS.” The bug bounty program is designed to identify potential cybersecurity vulnerabilities within certain DHS systems and to increase the department’s cybersecurity resilience. The bug bounty program is not a free-for-all, however, with only vetted ...

Attacks exploiting the Apache Log4j vulnerability are continuing to expand, as multiple state-sponsored advance threat groups are now believed to be using the vulnerability and fears emerge that a worm could exploit the vulnerability. The Log4j vulnerability emerged last week and has been described by Jen Easterly, the head of the U.S. Department of Homeland ...

Meta Platforms Inc. today announced a new enhancement to its bug bounty program with the launch of an industry-first bug bounty program for data “scraping” as well as offering further education opportunities for researchers. The Meta bug bounty program will now award valid reports about scraping methods, even if the data they target is public. The program ...

Enterprise application programming security startup Noname Security today announced it has raised $135 million in new funding to fund the global expansion of its go-to-market and research and development teams. Georgian and Lightspeed led the Series C round. Also participating in the round were Insight Partners, Cyberstarts, Next47, Forgepoint and The Syndicate Group. The round was raised on a ...

Application programming interface security startup Cequence Security Inc. announced today that it has raised $60 million in new funding to support enhancements to its solutions expand its product offerings. Menlo Ventures led the Series C round. Also participating in the round were ICON Ventures, Telstra Ventures, HarbourVest Partners, Shasta Ventures, Dell Technologies Capital and T-Mobile ...

LogMeIn Inc. today announced that it plans to spin off its password manager LastPass as a separate company. The decision, coming two years after LogMeIn was acquired by Francisco Partners Management and Elliott Management’s Evergreen affiliate for $4.3 billion, is said to allow LastPass to increase focus, investment and support for its business. LastPass was previously acquired by LogMeIn ...

Criminal groups and even suspected state-sponsored hacking groups continue to exploit a serious vulnerability in Apache Log4j with ransomware and other forms of malware. According to research from Check Point Software Technologies Ltd., the number of attacks seeking to take advantage of the vulnerability continues to rise, from 40,000 attacks on Dec. 11 through to more than ...

Browser cybersecurity startup Guardio Ltd. has raised $47 million in new funding to accelerate the company’s vision of creating a secure digital world. Tiger Global led the round, announced today, with Vintage, Cerca Partners, Union and Samsung Next also participating. Founded in 2018 by Israeli cybersecurity industry veterans Amos Peled, Daniel Sirota and Michael Weinstein, ...

A ransomware attack has struck workflow management solutions provider Kronos Inc. and knocked services offline. UKG Inc., the parent company of Kronos, said today that the ransomware attack could result in its services being out for “several weeks.” The company even suggested that its customers should seek other ways to facilitate payroll payments and human ...

Cable television provider Cox Communications Inc. has been hit by a data breach after a hacker impersonated a support agent to gain access to customer information. After the breach, first reported today by Bleeping Computer, customers started receiving letters from the company this week that warned them of it. The letter stated that on Oct.11, “unknown person(s) ...