Fidelity says data breach exposed personal data of 77,000 customers

/in

Fidelity Investments, one of the world’s largest asset managers, has confirmed that 77,000 customers had personal information compromised during an August data breach. The Boston, Mass.-based investment firm said in a filing with Maine’s attorney general on Wednesday that an unnamed third party accessed information from its systems between August 17 and August 19 “using […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Relyance lands $32M to help companies comply with data regulations

/in

As the demand for AI surges, AI vendors are devoting greater bandwidth to data security issues. Not only are they being compelled to comply with emerging data privacy regulations (e.g. the EU Data Act), but they’re finding themselves under the microscope of clients skeptical about how their data is being used and processed. The trouble […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Microsoft’s Take on Kernel Access and Safe Deployment Practices Following CrowdStrike Incident

/in

SecurityWeek talked to David Weston, VP enterprise and OS security at Microsoft, to discuss Windows kernel access and safe deployment practices.

The post Microsoft’s Take on Kernel Access and Safe Deployment Practices Following CrowdStrike Incident appeared first on SecurityWeek.

SecurityWeek – ​Read More

Vulnerability Prioritization & the Magic 8 Ball

/in

Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?

darkreading – ​Read More

Microsoft: BYOD, QR Codes Lead Rampant Education Attacks

/in

The average higher education institution is getting hit once a week now, and as one University of Oregon attack shows, the sector often lacks the resources to keep pace.

darkreading – ​Read More

Firefox 131 Update Patches Exploited Zero-Day Vulnerability

/in

Mozilla has released a Firefox 131 update to resolve CVE-2024-9680, a code execution vulnerability exploited in the wild as a zero-day.

The post Firefox 131 Update Patches Exploited Zero-Day Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Attack Surface Management Startup WatchTowr Raises $19 Million

/in

Continuous automated red teaming platform provider WatchTowr has raised $19 million in a Series A funding round. 

The post Attack Surface Management Startup WatchTowr Raises $19 Million appeared first on SecurityWeek.

SecurityWeek – ​Read More

Organizations Warned of Exploited Fortinet FortiOS Vulnerability

/in

CISA has added a FortinetFortiOS vulnerability tracked as CVE-2024-23113 to its Known Exploited Vulnerabilities (KEV) catalog.

The post Organizations Warned of Exploited Fortinet FortiOS Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms

/in

Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer.
“At first glance, the thing that stood out was the script’s obfuscation, which seemed a bit bizarre because of all the accented characters,” Jscrambler researchers said in an analysis. “The heavy use of Unicode characters, many

The Hacker News – ​Read More

The Internet Archive slammed by DDoS attack and data breach

/in

The Internet Archive, the nonprofit organization that digitizes and archives materials like web pages, came under attack Wednesday. Several users – including over at The Verge – confronted a pop-up when visiting the site, reading, “Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More