Stay informed about the latest security breaches, hacks, and cyberattacks in the field of cybersecurity.

Hacker Claims Exploit Used on Streamers in Apex Legends Has Been Resolved by Game Developers

Apex Legends Concept Art
Last month, a hacker wreaked havoc during an esports tournament of the popular shooter game Apex Legends, hacking two well-known streamers mid-game to make it look like they were using cheats. “The exploit I’ve used in [Apex Legends Global Series] is fully patched,” the hacker who goes by Destroyer2009 said in an online chat. Or other video game hacking incidents? Or other video game hacking incidents? Destroyer2009’s hacks were high-profile, disruptive, and caused a big stir in the Apex Legends community.

Thousands of Companies Face Fresh Disaster as Firewall Bug Plagues Palo Alto Networks

Scanning Computer Group
Palo Alto Networks urged companies this week to patch against a newly discovered zero-day vulnerability in one of its widely used security products, after malicious hackers began exploiting the bug to break into corporate networks. Because the vulnerability allows hackers to gain complete control of an affected firewall over the internet without authentication, Palo Alto gave the bug a maximum severity rating. The ease with which hackers can remotely exploit the bug puts thousands of companies that rely on the firewalls at risk from intrusions. Adding another complication, Palo Alto initially suggested disabling telemetry to mitigate the vulnerability, but said this week that disabling telemetry does not prevent exploitation. Security firm Volexity, which first discovered and reported the vulnerability to Palo Alto, said it found evidence of malicious exploitation going back to March 26, some two weeks before Palo Alto released fixes.

Evolution Equity Partners Secures $1.1 Billion for Cutting-Edge Cybersecurity and AI Fund

Gettyimages 1310129244
It’s against this backdrop that Evolution Equity Partners, a growth capital investment firm based in NYC, on Tuesday launched a $1.1 billion cybersecurity and AI fund, the third such fund in Evolution’s history. The fund, called Evolution Technology Fund III, was oversubscribed, with participation from existing and new endowments, sovereign investors, insurance companies, foundations, fund of funds, family offices and angels. “The Evolution Technology Fund III has already backed fifteen leading cybersecurity companies, initiating its investment period over 12 months ago,” Seewald said. “We believe that provides private markets investors with diversified exposure to cybersecurity opportunities.”ESG will be another factor, according to Seewald. Evolution’s 30-person teams manages around $2 billion in assets and has backed 60 companies to date; its previous fund was $400 million.

US Government Issues Urgent Reminder for Sisense Customers to Update Passwords Following Security Breach

U.S. cybersecurity agency CISA is warning Sisense customers to reset their credentials and secrets after the data analytics company reported a security incident. CISA said it urges Sisense customers to “reset credentials and secrets potentially exposed to, or used to access, Sisense services” and to report any suspicious activity involving the use of compromised credentials to the agency. Founded in 2004, Sisense develops business intelligence and data analytics software for big companies, including telcos, airlines and tech giants. Companies like Sisense rely on using credentials, such as passwords and private keys, to access a customer’s various stores of data for analysis. With access to these credentials, an attacker could potentially also access a customer’s data.

“New from DuckDuckGo: Subscription includes VPN and identity theft protection bundle”

Vpn Ddg
Privacy-focused consumer tech company DuckDuckGo launched a new Privacy Pro subscription on Thursday that bundles a VPN service, personal information removal, and identity theft restoration. This is the company’s first move towards a subscription service built into the DuckDuckGo browser. With personal information removal service, DuckDuckGo scans dozens of data broker sites to find details like your name and address. (At that time, Removaly’s founder, Kyle Krzeski, posted on X that a privacy company acquired the startup without naming it.) The third feature of DuckDuckGo’s privacy pro plan is identity theft restoration, where an advisor would help you recover your identity-related loss around the clock.

“Revolutionizing Security Tools with Simbian’s AI Integration”

Gettyimages 1724735466
After leaving Nvidia in 2010, Kumar pivoted to cybersecurity, eventually co-founding Fortanix, a cloud data security platform. Leveraging AI, Simbian can automatically orchestrate and operate existing security tools, finding the right configurations for each product by taking into account a company’s priorities and thresholds for security, informed by their business requirements. A separate study found that organizations now juggle on average 76 different security tools, leading IT teams and leaders to feel overwhelmed. In addition to automatically configuring a company’s security tools, the Simbian platform attempts to respond to “security events” by letting customers steer security while taking care of lower-level details. But that assumes Simbian’s AI doesn’t make mistakes, a tall order, given that it’s well established that AI is error-prone.

“Addressing the Social Isolation Crisis: Buffet’s Efforts to Foster Meaningful Connections in the Physical World”

Buffet App
A new app called Buffet is aiming to address the loneliness epidemic by helping users meet new people by quickly matching them with a person and a place to meet up (Think Tinder + OpenTable). Buffet aims to help users meet likeminded individuals, whether they’re looking for a new friend, romantic partner or gym buddy. So we put one foot in front of the other and stared building Buffet.”To get started with Buffet, users enter five of their interests, such as motorcycles, horseback riding or reading. Buffet encourages people to go beyond a chatbox and digital communication and actually meet up in the real world. Hacking believes that if Buffet can win over the average 25-year-old female professional, it can win over anyone.

“Collaborative Efforts: Open Source Foundations Unify to Establish Shared Standards for the EU’s Cybersecurity Resilience Act”

Gettyimages 1473057239 E1712083727562
Seven open source foundations are coming together to create common specifications and standards for Europe’s Cyber Resilience Act (CRA), regulation adopted by the European Parliament last month. And this is what the seven open source foundations are coming together for now. By coming together as one, this should go some way toward treating open source software development as a single “thing” bound by the same standards and processes. Throw into the mix other proposed regulation, including the Securing Open Source Software Act in the U.S., and it’s clear that the various foundations and “open source stewards” will come under greater scrutiny for their role in the software supply chain. “The open source community and the broader software industry now share a common challenge: legislation has introduced an urgent need for cybersecurity process standards.

Observe: AT&T responds to data breach by resetting millions of passcodes

Site Att Version
Death, taxes, and regular, terrifying cybersecurity leaks. Those are the facts of life, as the latest AT&T data breach is teaching us yet again. A TechCrunch investigation into leaked customer data from the American telco giant has led to AT&T resetting certain customer account passcodes to prevent them from being at risk. The root of the security weakness is a massive, and AT&T’s data breach included a leaked dataset concerning more than seventy million former and current AT&T account holders. Only a fraction are still current, but the scale of the leaked dataset that TechCrunch dug into makes it plain that despite huge amounts of work and investment, there are still regular, exploitable, and dangerous for consumers.