The U.S. National Security Agency is buying vast amounts of commercially available web browsing data on Americans without a warrant, according to the agency’s outgoing director. NSA director Gen. Paul Nakasone disclosed the practice in a letter to Sen. Ron…
Category: Security News | TechCrunch
Microsoft says Russian hackers also targeted other organizations
On Friday, Microsoft revealed that it had been the victim of a hack carried out by Russian government spies. Now, a week later, the technology giant said that it was not the only target of the espionage operation. In a…
How a mistakenly published password exposed Mercedes-Benz source code
Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm that discovered it. Shubham Mittal, co-founder and chief technology officer of…
23andMe admits it didn’t detect cyberattacks for months
In a data breach notification letter filed with regulators this weekend, 23andMe revealed that hackers started breaking into customers’ accounts in April 2023 and continued through most of September. In other words, for around five months, 23andMe did not detect…
Kusari is building a supply chain security platform on top of open source
The software supply chain, which comprises the components, libraries and processes companies use to develop and publish software, is under threat. According to one recent survey, 88% of companies believe that software supply chain security presents an “enterprise-wide risk” to…
HPE says it was hacked by Russian group behind Microsoft email breach
Hewlett Packard Enterprise said on Wednesday that its cloud-based email system was compromised by Midnight Blizzard, a Russia-linked hacking group that recently broke into Microsoft’s corporate network. In a filing with the U.S. Securities and Exchange Commission, the enterprise tech…
Prompt Security wants to make GenAI safe for the enterprise
Businesses are moving faster than ever to use generative AI and bring it to both their employees and users. Moving fast and security don’t always go hand-in-hand, though, so it’s only now that many businesses are waking up to the…
US sanctions Russian citizen accused of playing key role in Medibank ransomware attack
The U.S. government sanctioned a Russian national for allegedly playing a “pivotal role” in the ransomware attack against Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million patients. 33-year-old Alexander Ermakov, who has also been…
Clerk, the authentication startup, lands $30M and inks a strategic deal with Stripe
Clerk, a startup creating a suite of embeddable UIs, APIs and admin dashboards that app developers can use to authenticate and manage users, has raised $30 million in a Series B round led by CRV with participation from Stripe, Andreessen…
iPhone users should turn on Apple’s stolen device protection feature
Apple released a new version of iOS yesterday with a handful of new features, such as collaborative playlists in Apple Music and a new Unity wallpaper for Black History Month. Another interesting new feature in iOS 17.3 is something called…