Security

Hackers are ramping up attacks using year-old ServiceNow security bugs to target unpatched systems

Security /

Hackers are ramping up their attempts to exploit a trio of year-old ServiceNow vulnerabilities to break into unpatched company instances, security researchers warned this week. Threat intelligence startup GreyNoise said in a blog post on Tuesday that it had observed a “notable resurgence of in-the-wild activity” targeting the three ServiceNow vulnerabilities, tracked as CVE-2024-4879, CVE-2024-5178, […]

Hackers are ramping up attacks using year-old ServiceNow security bugs to target unpatched systems Read More »

How a $6M bet on Wiz turned into a massive 200x return for one early backer

Security /

Wiz’s $32 billion all-cash acquisition by Google parent Alphabet promises a colossal payday for the cybersecurity startup’s early-stage investors. The deal is a big win for Sequoia, one of the best-known VC firms, which stands to make $3 billion, about 25x the money it invested in the company, Bloomberg reported. Despite substantial returns for Sequoia’s

How a $6M bet on Wiz turned into a massive 200x return for one early backer Read More »

Hacked, leaked, exposed: Why you should never use stalkerware apps

Security /

There is a whole shady industry for people who want to monitor and spy on their families. Multiple app makers market their software — sometimes referred to as stalkerware — to jealous partners who can use these apps to access their victims’ phones remotely.  Yet, despite how sensitive this data is, an increasing number of

Hacked, leaked, exposed: Why you should never use stalkerware apps Read More »

Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users

Security /

A consumer-grade spyware operation called SpyX was hit by a data breach last year, TechCrunch has learned. The breach reveals that SpyX and two other related mobile apps had records on almost two million people at the time of the breach, including thousands of Apple users. The data breach dates back to June 2024 but

Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users Read More »

US teachers’ union says hackers stole sensitive personal data on over 500,000 members

Security /

The Pennsylvania State Education Association (PSEA), a labor union representing educators across the state, says hackers stole the sensitive personal information of more than half a million of its members.  PSEA is the largest organization for educators in Pennsylvania, representing current and former teachers, counselors, health care workers, and school social workers. In a filing

US teachers’ union says hackers stole sensitive personal data on over 500,000 members Read More »

Cape opens $99/month beta of its privacy-first mobile plan, inks Proton deal, raises $30M

Security /

Mobile networks continue to be a major target for cybersecurity breaches, and Chinese hacking group Salt Typhoon‘s persistent attacks on multiple carriers are only the latest known examples.  The mobile carrier startup Cape is taking a novel approach to addressing the problem: it has built a service it says can provide a more secure, private

Cape opens $99/month beta of its privacy-first mobile plan, inks Proton deal, raises $30M Read More »

Researchers name several countries as potential Paragon spyware customers

Security /

The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of Israeli spyware maker Paragon Solutions, according to a new technical report by a renowned digital security lab. On Wednesday, The Citizen Lab, a group of academics and security researchers housed at the University of Toronto that has investigated the spyware industry

Researchers name several countries as potential Paragon spyware customers Read More »

Here’s why Google pitched its $32B Wiz acquisition as ‘multicloud’

Security /

Tuesday’s big news that Google is acquiring security startup Wiz for a record-breaking $32 billion comes with a very big qualifier. Google says it will position Wiz as a “multicloud” offering, meaning Wiz will not be a Google-only shop.  The reality is that Google had no choice but to do this, and a closer look

Here’s why Google pitched its $32B Wiz acquisition as ‘multicloud’ Read More »

CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’

Security /

The U.S. government’s cybersecurity agency is scrambling to contact more than 130 former employees after a federal court ruled that the Trump administration must reinstate workers it “unlawfully” fired. U.S. District Judge James Bredar last week ordered the Trump administration to reinstate employees laid off across a number of U.S. government agencies, including the Department

CISA scrambles to contact fired employees after court rules layoffs ‘unlawful’ Read More »

Texas man faces prison for activating ‘kill switch’ on former employer’s network

Security /

Texas software developer Davis Lu faces up to 10 years in prison after a federal jury convicted him of “causing intentional damage” to his former employer’s network. According to the Justice Department, Lu, 55, began sabotaging his employer’s systems after a 2018 corporate restructuring left Lu with reduced responsibilities and system access.  Lu is accused

Texas man faces prison for activating ‘kill switch’ on former employer’s network Read More »