Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum. Founded in 2020, Dustico provides a dynamic source-code analysis platform that employs machine learning to detect malicious attacks and backdoors in software supply chains. The acquisition will see Checkmarx combine its AST capabilities […]
Passwordstate Customers Complain of Silence and Secrecy After Cyberattack
An anonymous reader shares a report: It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.” The company was hit …
Amazon and Google Patch Major Bug in Their DNS-as-a-Service Platforms
At the Black Hat security conference Wednesday, two security researchers have disclosed a security issue impacting hosted DNS service providers that can be abused to hijack the platform’s nodes, intercept some of the incoming DNS traffic, and then map …
Cybersecurity trainer HackerU acquires Cybint for $50M, say sources
Florida-based HackerU, which creates cybersecurity and other digital skills programs, is acquiring Cybint, a SaaS-based cyber education company. TechCrunch sources understand this to be a $50 million acquisition, though both companies declined to comment on the price. HackerU provided digital workforce training to students, post-graduate professionals and the community in the U.S., Europe and Asia […]
Passwordstate customers complain of silence and secrecy after cyberattack
It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.” The company was hit by a supply chain attack that sought to steal the passwords from customer servers around the world. But customers tell TechCrunch that they are […]
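What We Can Do Now to Prepare for the Growing Threat of "Supply Chain Attacks"
A hacking technique known as a "supply chain attack," in which malicious code or components are slipped into trusted software or hardware, is spreading. Defending against large-scale attacks in which the shadow of Russia and China can be glimpsed is not easy, but a response at the national and corporate level is by no means impossible.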
…
Security flaws found in popular EV chargers
U.K. cybersecurity company Pen Test Partners has identified several vulnerabilities in the APIs of six home electric vehicle charging brands and a large public EV charging network. While the charger manufacturers resolved most of the issues, the findings are the latest example of the poorly regulated world of Internet of Things devices, which are poised […]
A Silicon Valley VC firm with $1.8B in assets was hit by ransomware
Advanced Technology Ventures, a Silicon Valley venture capital firm with more than $1.8 billion in assets under its management, was hit by a ransomware attack in July that saw cybercriminals steal personal information on the company’s private investors, or limited partners (LPs). In a letter to the Maine attorney general’s office, ATV said it became […]
Sophos extends its spending spree with Refactr buy
Thoma Bravo-owned Sophos has announced its second takeover in as many weeks with the acquisition of Seattle-based DevSecOps startup Refactr. Refactr was founded in 2017 and offers an automation platform that helps cybersecurity and DevOps teams to collaboratively operate. The platform, which is used by the nonprofit Center for Internet Security and the U.S. Air […]
Foreign fighting: escaping the cheese bell
Thomas Hegghammer on the Cheese Bell Theory of foreign fighting: “that foreign fighting provides strategic depth – and hence longevity – to movements that would otherwise crumble under domestic repression.” “Functioning states are like cheese bells in …