The Hacker News - 1

2023-03-23
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. "Nexus appears to be in its early stages of development," Italian cybersecurity firm Cleafy said in a report published this week. "Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals and

Dark Reading - 1

2023-03-23
DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.

Dark Reading - 1

2023-03-23
Cloud-based System of Trust application now available for test-driving quantitative risk assessment of suppliers of hardware, software, services.

Dark Reading - 1

2023-03-23
Help the board understand where the business is vulnerable, where controls end, and where exposure begins.

TechCrunch (Security) - 1

2023-03-23
Proving that there’s still plenty of venture money in cybersecurity, cloud identity security platform Britive today announced that it raised $20.5 million in a Series B funding round. Led by Pelion Venture Partners with participation from Liberty Global Ventures, Crosslink Capital and One Way Ventures, the new round brings Britive’s total raised to $36 million. CEO Art Poghosyan says that it’ll be put toward expanding the company’s investments in customer successes, marketing and sales, as well as product development. “Ironically, the pandemic affected Britive’s business more positively than not,” Poghosyan told TechCrunch in an email interview. “It accelerated the move to virtualizing work environments and transition from data center to cloud.” There’s truth to that. According to a 2022 survey from Equinix, 71% of IT decision-makers plan to move more functions to the cloud over the next 12 months. The cloud has plenty of upsides, among them scalability and accessibility. But there are drawbacks, too — one being security (potentially). A poll from the Cloud Security Alliance reveals that close to one-third of businesses using a public cloud provider experienced security issues within the past two years, including unauthorized apps and poorly configured APIs. Poghosyan says that Britive was built to address those cloud security concerns — particularly on the identity and access management (IAM) side. Founded in 2018, the startup’s platform generates access privileges — including tokens and keys — on demand for people and software accessing cloud services and apps. “Our tech automatically expires and removes privileges when not in use to ensure the cloud keys and tokens are not exposed to attacks around the clock,” Poghosyan said. “Britive’s offering allows development teams to continue building at cloud speed while security teams maintain full visibility and control over cloud identities and privileges.”
Britive is far from the only player in the vast and growing IAM market, though. There’s well-capitalized ventures like Saviynt, whose platform enables companies to secure apps, data and infrastructure in a single platform. Private equity firm Thoma Bravo paid billions to acquire identity access management startups SailPoint, Ping Identity and ForgeRock. On the less grandiose end of the spectrum, there are ventures like ConductorOne, which aims to bring automation to identity and access management. Poghosyan asserts that Britive’s anomaly-spotting AI differentiates it from the others out there. Using AI, Britive analyzes cloud user activity logs in near-real time and attempts to identify behavioral patterns that could be dangerous or unauthorized. The platform then alerts the relevant security teams, giving them the option to quickly terminate any potentially problematic sessions. TechCrunch can’t speak to Britive’s efficacy. But the company’s growth suggests there’s something there. Poghosyan says that annual recurring revenue is in the “millions” of dollars and growing 3x annually, and that Britive now has “dozens” of customers, including several Fortune 500 brands. “Our platform manages thousands of daily active privileged identities who interact with critical business applications and infrastructure hosted on major cloud platforms,” Poghosyan added. “Even in a broader climate of economic slowdown, enterprise organizations continue to invest in future-proofing their cloud infrastructure and security solutions stack, which Britive is an essential part of.” Britive, which currently has about 55 employees, expects to add 10 to 20 staffers by the end of the year, Poghosyan said. Britive, which helps secure public clouds, lands $20.5M investment by Kyle Wiggers originally published on TechCrunch

Dark Reading - 1

2023-03-23
Accidentally typing a password in the username field of the platform saves it to audit logs, which threat actors can access and use to compromise enterprise services.

SecurityWeek - 1

2023-03-23
Cisco’s semiannual security updates for IOS and IOS XE software resolve high-severity DoS, command injection, and privilege escalation vulnerabilities. The post Cisco Patches High-Severity Vulnerabilities in IOS Software appeared first on SecurityWeek.

TechCrunch (Security) - 1

2023-03-23
Parents are still looking for answers weeks after hackers stole the personal data of thousands of users from kids’ tech coding camp iD Tech, with some fearing that their children’s data was compromised in the data breach. iD Tech, which provides on-campus classes and online tech and coding courses for kids, has yet to acknowledge the breach or notify parents. News of the data breach broke in February after a hacker on a cybercrime forum claimed to have hacked iD Tech a month earlier on January 3. The hacker claimed to have stolen close to 1 million user records, including names, dates of birth, passwords stored in plaintext, and about 415,000 unique email addresses, which iD Tech did not dispute when reached by email. That can equate to each parent’s account having one or more kids in classes at the tech camp. Some parents only found out as recently as March 6 when data breach notification services like Have I Been Pwned obtained the data and sent out notifications to affected families. Other parents found out when other services, like Firefox or their device security software, notified them that their information was found in the breached data. One parent, who learned from a breach notification service that their data had been stolen, told TechCrunch that the stolen information is only a portion of the data that iD Tech collects on account holders and the children who use its platform, including gender, billing information, and some health data, like immunizations. The parent said that the breached data must relate to the child’s date of birth because they never provided their own. The parent said that iD Tech has not yet notified them of the breach. When the parent contacted the company to inquire, iD Tech claimed that it had already notified affected account holders. iD Tech has not publicly acknowledged the breach, either on its website or any of its social media channels. 
And there’s no evidence that iD Tech has notified affected account holders of the breach, either. When reached by email, iD Tech CEO Pete Ingram-Cauchi declined to explain why the company hasn’t publicly acknowledged the breach. When asked, Ingram-Cauchi declined to provide a copy of the communication that iD Tech claims to have sent to parents. The company declined to say if the breach had been reported to offices of state attorneys general per data breach notification laws. Instead, iD Tech provided a brief statement from a generic company email address declining to comment citing its ongoing investigation. The sender of the email declined to provide their name for this story. Ingram-Cauchi did not reply to a follow-up email. Kids tech camp iD Tech still silent weeks after data breach by Zack Whittaker originally published on TechCrunch

The Hacker News - 1

2023-03-23
Telecommunication providers in the Middle East are the subject of new cyber attacks that commenced in the first quarter of 2023. The intrusion set has been attributed to a Chinese cyber espionage actor associated with a long-running campaign dubbed Operation Soft Cell based on tooling overlaps. "The initial attack phase involves infiltrating Internet-facing Microsoft Exchange servers to deploy

The Hacker News - 1

2023-03-23
Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal. It was originally