Shlomo Kremer, co-founder and CEO, Cato Networks (Image: Cato Networks)

Cato Networks Raises $238M on $3B Valuation to Move Upmarket

Michael Novinson • September 22, 2023

A late-stage SASE startup led by a serial entrepreneur hauled in a massive equity investment to address the feature and capability needs of large enterprises. The $238 million in funding will allow Cato Networks to more tightly align CASB and DLP with SASE to safeguard cloud apps and sensitive data.

►

Governance & Risk Management

ISMG Editors: London Summit - AI Tech and Incident Response

Latest

Endpoint Security

Apple Fixes Bugs That Infected Egyptian Politician's iPhone

Mihir Bagwe • September 22, 2023

Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.

Cyberwarfare / Nation-State Attacks

Chinese, North Korean Nation-State Groups Target Health Data

Marianne Kolbasuk McGee • September 22, 2023

Chinese and North Korean nation-state groups continue to pose significant "unique threats" to the U.S. healthcare and public health sector, including data exfiltration attacks involving espionage and intellectual property theft, federal authorities warned Thursday in a brief naming the top groups.

Cybercrime

Nation-State Actors Unleash Stealthy, LuaJIT-Based Malware

Jayant Chakravarti • September 22, 2023

SentinelOne observed suspected cyberespionage actors of unknown origin using modular backdoors and highly stealthy tactics in August to target telecommunication companies in the Middle East, Western Europe and South Asia. The group, tracked as Sandman, is using the novel backdoor LuaJIT.

General Data Protection Regulation (GDPR)

UK Approves Commercial Data Transfer Deal With US

Akshaya Asokan • September 22, 2023

The British government on Thursday signed onto a European deal easing trans-Atlantic commercial data flows with the United States, telling Parliament that the United Kingdom will accede to a Brussels-led agreement that allows American firms such as Facebook and Google to store Europeans' data.

Fraud Management & Cybercrime

MGM Resorts Says Hotels 'Operating Normally' After Attack

Mathew J. Schwartz • September 22, 2023

MGM Resorts International says its hotels and casinos are now operating "normally" after the company was hit by ransomware-wielding attackers. Even so, numerous systems remain offline - including digital room key cards - as the company seeks to rebuild its IT infrastructure.

Fraud Management & Cybercrime

Feds Warn About Snatch Ransomware

Prajeet Nair • September 21, 2023

The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U.S. authorities. The group operates on a ransomware-as-a-service model.

Fraud Management & Cybercrime

Ohio Community College Data Theft Breach Affects Nearly 300K

Marianne Kolbasuk McGee • September 21, 2023

An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal and health information. Security researchers say small schools such as this are now favored targets. Some 80% of schools have reported hacking incidents in the past year.

Cybercrime

Dutch Police Warns Users of Credentials Leak Site

Akshaya Asokan • September 21, 2023

Hundreds of Dutch patrons of a now-defunct credential marketplace received warnings from national police in an attempt to prevent potential crimes using illicitly obtained personal identifiable information. Dutch national police Politie said it had contacted 400 "possible customers" of WeLeakInfo.

Blockchain & Cryptocurrency

Cryptohack Roundup: Private Key Compromise Led to CoinEx Hit

Mihir Bagwe • September 21, 2023

This week, hackers stole $70 million from CoinEx, FTX resumed online claims, Balancer suffered a breach, Celsius creditors are targets of phishing, nearly $900,000 was stolen from Mark Cuban's hot wallet, Malta prepares for crypto regulation and Hong Kong cracked down on illicit crypto exchanges.

Cybercrime

Breach Roundup: Effects of ISP Ransomware Attack in Colombia

Anviksha More • September 21, 2023

This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passed restrictions for data brokers and Finland seized a dark web marketplace.

Cyberwarfare / Nation-State Attacks

Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks

Mathew J. Schwartz • September 21, 2023

A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite. Experts say these groups' impact largely remains minimal, which begs the question of how they disrupted arrival kiosks across Canadian airports.

Cloud Security

Journey to the Cloud: Navigating the Transformation - Part 3

CyberEdBoard • September 21, 2023

In Part 3 of this three-part blog post, Nikko Asset Management's Marcus Rameke discusses why opting for SaaS or PaaS over IaaS is a sensible decision for most businesses, why cloud solutions are preferable to on-premises HCI, and how to achieve environmental sustainability.