Atlassian has issued a patch for its Confluence workspace collaboration tool, which is being targeted in the wild with a zero-day vulnerability that gives attackers unauthenticated remote code execution privileges. The vulnerability has a CVSS score of 10 out of 10 for criticality.
Devo has closed its Series F round and notched a $2 billion valuation to incorporate more capabilities into its SOC via acquisition. The company plans to use the $100 million to buy companies that will provide customers with additional intelligence on top of Devo's data for specific use cases.
A zero-day vulnerability in Atlassian Confluence, a workspace collaboration tool that serves millions of daily active users, is being targeted in the wild. The flaw, according to the company's security advisory, gives attackers unauthenticated remote code execution privileges.
Late-stage security startup Cybereason has laid off 10% of its employees in response to deteriorating market conditions less than a year after raising $325 million. The news was first reported by Israeli publications Calcalist and Globes, which both said roughly 100 employees had been let go.
ReliaQuest has agreed to buy Digital Shadows for $160 million to infuse its security operations platform with threat intelligence, attack surface management, and dark web monitoring. The deal will give clients more visibility and context around threats facing their networks, endpoints and cloud.
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
Obtaining threat insight is like practicing judo - you want to use your attacker's power against them, says Chris Borales, senior manager of product marketing at Gigamon. He and Tom Dager, CISO of Archer Daniels Midland Company, discuss how to keep pace with the evolving ransomware landscape.
Milind Mungale of Protean eGov Technologies has led the security strategies for the company for two decades. He discusses the changing cybersecurity landscape and building security operations from the ground up for a company that handles sensitive government and citizen information.
The U.S. Cybersecurity and Infrastructure Security Agency has added 75 flaws to its catalog of known exploited software vulnerabilities. The vulnerabilities were disclosed in three separate batches of 21, 20 and 34 vulnerabilities on Monday, Tuesday and Wednesday, respectively.
Manufacturing is a huge industry with massive amounts of critical data and IoT surfaces, and it is also a lucrative target for cybercriminals. CyberEdBoard member Shankar Karthikason discusses how to secure your OT environment and build an effective cybersecurity program.
Four ISMG editors discuss highlights from the London Summit, including the most concerning emerging threats if collateral damage from the Russia-Ukraine war isn't all it was reputed to be, building a cyber risk playbook to help businesses identify exposure, and stress and burnout in the workplace.
Cribl has raised $150 million to drive the development of new features such as hosted versions of the company's technology. The company will build out separate tools for each piece of the observability process rather than forcing customers to purchase a bundle with features they don't care about.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.