A cybersecurity firm co-founded by former Austrian Chancellor Sebastian Kurz and Israeli entrepreneurs has reached a valuation of $1.1 billion after securing $100 million in a new funding round.
The company, known as Dream, focuses on AI-driven cybersecurity solutions for governments and critical infrastructure. Bain Capital Ventures led the Series B investment, with additional backing from Group 11, Tru Arrow, Tau Capital, and Aleph.
Founded in January 2023, Dream has reported over $130 million in annual sales to government and national cybersecurity agencies in 2024.
The company was established by Kurz, former NSO Group CEO Shalev Hulio, and cybersecurity expert Gil Dolev. It operates out of Tel Aviv, Vienna, and Abu Dhabi, positioning itself as a key player in global cybersecurity.
Kurz, who became Austria‘s chancellor in 2017 at the age of 31, resigned in 2021 and was later convicted of perjury in a political case. He received an eight-month suspended sentence, which he is currently appealing. Despite his legal troubles, his latest business venture is rapidly growing in the cybersecurity industry.
For more information on these topics, visit diplomacy.edu.
That project saw the opening of a data centre in 2023, which provides cloud services to businesses and government institutions.
Polish Prime Minister Donald Tusk joined Microsoft President Brad Smith at a press conference to discuss the plans. The investment highlights the growing importance of cybersecurity in the partnership between Microsoft and Poland.
For more information on these topics, visit diplomacy.edu.
A new report from Google states that cybercrime continues to expand, intersecting with state-backed cyber operations. Released ahead of the Munich Security Conference, research from Google’s Threat Intelligence Group and Mandiant outlines findings from their investigations in 2024 and trends observed over the past four years.
According to Google, financially motivated and state-backed cyber activities are becoming more interconnected. Cybercriminal ecosystems facilitate the acquisition of malware, vulnerabilities, and operational support, offering lower-cost alternatives to state-developed capabilities.
The report emphasises that while cybercrime and state-backed cyber operations increasingly overlap, responses to these threats require distinct strategies. Cybercrime often involves networks operating across jurisdictions, necessitating international collaboration to address its impact effectively.
For more information on these topics, visit diplomacy.edu.
The French National Cybersecurity Agency (ANSSI) has released new guidance on securing AI systems, emphasising a risk-based approach to AI deployment. Several international partners, including Canada, Singapore, Germany, Italy, Norway, the United Kingdom, Estonia and others, have co-signed the document.
The publication highlights the growing integration of AI across sectors and the need for organisations to assess and mitigate associated risks, particularly as they adopt large language models (LLMs).
ANSSI outlines key security challenges specific to AI, including vulnerabilities in data integrity, supply chain risks, and the potential for AI systems to be exploited as attack vectors. The report identifies major risks such as:
Compromises in AI hosting and management infrastructure
Supply chain attacks targeting AI components
Interconnections between AI and IT systems increasing attack surfaces
Long-term loss of control over AI-driven processes
Malfunctions affecting AI system reliability
To address these challenges, the document advocates for a structured approach to AI security, recommending that organisations:
Align AI system autonomy with risk assessments and operational criticality
Map AI supply chains and monitor interconnections with IT infrastructure
Implement continuous monitoring and maintenance of AI systems
Anticipate regulatory and technological developments impacting AI security
Strengthen training and awareness on AI-related risks
The publication also advises against using AI for automating critical actions without safeguards, urging organisations to conduct dedicated risk analyses and assess security measures at every stage of the AI system lifecycle.
For more information on these topics, visit diplomacy.edu.
Zach Witkoff, co-founder of the Trump-affiliated crypto project World Liberty Financial, had his X account hacked on Wednesday. The hacker used the account to promote a fake memecoin project involving Barron Trump, claiming that the news would soon be confirmed by the Trump family.
World Liberty Financial quickly confirmed the hack, urging users to ignore the fraudulent Barron Trump project. This incident is part of a wider trend of crypto scams, as Ivanka Trump also warned earlier this year about a fake memecoin using her likeness to defraud investors.
World Liberty Financial, a decentralised finance project, launched its own token, WLFI, in October 2024. Despite these security issues, the project continues to operate with the Trump family’s name associated with its team.
For more information on these topics, visit diplomacy.edu.
Kaspersky Labs has uncovered a dangerous malware hidden in software development kits used to create Android and iOS apps. The malware, known as SparkCat, scans images on infected devices to find crypto wallet recovery phrases, allowing hackers to steal funds without needing passwords. It also targets other sensitive data stored in screenshots, such as passwords and private messages.
The malware uses Google’s ML Kit OCR to extract text from images and has been downloaded around 242,000 times, primarily affecting users in Europe and Asia. It is embedded in dozens of real and fake apps on Google’s Play Store and Apple’s App Store, disguised as analytics modules. Kaspersky’s researchers suspect a supply chain attack or intentional embedding by developers.
While the origin of the malware remains unclear, analysis of its code suggests the developer is fluent in Chinese. Security experts advise users to avoid storing sensitive information in images and to remove any suspicious apps. Google and Apple have yet to respond to the findings.
WhatsApp has identified an advanced hacking campaign targeting nearly 90 users across more than two dozen countries. The attack, linked to Israeli spyware firm Paragon Solutions, exploited a zero-click vulnerability, meaning victims’ devices were compromised without them needing to interact with any malicious files. The messaging platform, owned by Meta, has since taken steps to block the hacking attempts and has issued a cease-and-desist letter to Paragon.
While WhatsApp has not disclosed the identities of those targeted, reports indicate that journalists and members of civil society were among the victims. The company has referred affected users to Citizen Lab, a Canadian watchdog that investigates digital security threats. Law enforcement agencies and industry partners have also been alerted, though specifics remain undisclosed.
Paragon, which was recently acquired by US investment firm AE Industrial Partners, has not commented on the allegations. The company presents itself as a responsible player in the spyware industry, claiming to sell its technology only to governments in stable democracies. However, critics argue that the continued spread of surveillance tools increases the risk of human rights abuses, with spyware repeatedly found on the devices of activists, journalists, and officials worldwide.
Cybersecurity experts warn that the growing use of commercial spyware poses an ongoing threat to digital privacy. Despite claims of ethical safeguards, the latest revelations suggest that even companies with supposedly responsible practices may be engaging in questionable surveillance activities.
Smiths Group, the British engineering firm known for its baggage-screening and explosive detection equipment, is addressing a cybersecurity breach involving unauthorised access to its systems. The company confirmed on Tuesday that it had isolated the affected systems as soon as the incident was detected.
Efforts are underway with cybersecurity experts to recover impacted systems and assess the broader implications of the breach. Smiths Group assured it is adhering to all regulatory requirements and promised to provide updates as necessary.
The incident, disclosed in the morning, sent the company’s shares down by as much as 2.3% in early trading. No further details have been provided about the breach or its potential consequences.
Italian cybersecurity startup Exein has signed an agreement with Taiwan’s MediaTek to embed its security technology into the chipmaker’s Genio platform. The partnership will provide advanced security features for billions of chips used in mobile, home, automotive, and healthcare industries worldwide.
Exein expects its technology to be implemented in over 3 billion devices as a result of the deal. The partnership, valued at more than 5 million euros, is projected to double in worth by 2028. The company views MediaTek as a key strategic partner and sees this collaboration as a step towards expanding into automotive and robotics sectors globally.
Italy has been striving to foster a stronger tech startup ecosystem, and this agreement marks a significant milestone. Exein previously raised $15 million in Series B funding and counts major companies like Daikin, Seco, and Kontron among its clients.
At the World Economic Forum in Davos, Europol’s executive director, Catherine De Bolle, urged tech companies to provide law enforcement access to encrypted messages, citing public safety concerns. While she argued this is necessary to combat crime and protect democracy, critics highlighted the risks of undermining encryption, which is essential for privacy and individual freedoms.
De Bolle compared accessing encrypted communications to executing a search warrant in a locked house. However, this analogy oversimplifies the issue, as encryption safeguards sensitive data and ensures private communication, even under authoritarian regimes. Weakening it could lead to widespread misuse, enabling mass surveillance and suppression, as seen in places like Russia.
Advocates for privacy stress that encryption is not merely a barrier to crime but a cornerstone of democracy, enabling free speech and safeguarding against state overreach. While law enforcement has other tools for crime-fighting, creating backdoors to encryption would expose everyone to cyber risks and potentially render digital security obsolete.
If governments succeed in weakening encryption, decentralised solutions backed by blockchain technology could rise, making such access nearly impossible in the future. The debate underscores the critical balance between security and preserving fundamental rights.
