Ionut Arghire

Security Experts:

WRITE FOR US

Contact Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Recent articles by Ionut Arghire

Operator of 'DownThem' DDoS Attack Service Convicted

The service had over 2,000 users and is believed to have been responsible for more than 200,000 distributed denial of service attacks.
Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance

The Mirai botnet has started exploiting the OMIGOD vulnerability just as Microsoft released more guidance on protections.
U.S. Agencies Warn of APTs Exploiting Recent ADSelfService Plus Zero-Day

The critical security bug was patched last week, when Zoho was already seeing in-the-wild attacks targeting it.
Endpoint Security Platform Kolide Banks $17 Million Investment

Endpoint security platform Kolide gets a fresh round of capital from venture capital investors.
Google Helps OSTIF Boost Security of Open Source Projects

Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects.
Kaspersky Received 105 Government, Law Enforcement Requests in H1 2021

As part of its first transparency report, the cybersecurity firm says it rejected all requests for user data received last year.
Researchers Create Toolkit for Hardware Security Tests on Apple's Mobile Processors

The researchers reverse-engineered Apple’s BootROM and built a software toolkit to explore vulnerabilities in Apple’s systems-on-a-chip (SoC).
Neosec Emerges From Stealth With $20.7 Million in Funding

The company aims to fight bad APIs with XDR (Extended Detection and Response) techniques such as precise behavioral analytics.
Severe Vulnerabilities Could Expose Thousands of Azure Users to Attacks

Microsoft patched one critical and three high-severity issues that can allow attackers to execute code remotely as root or escalate privileges.
SAP Patches Critical Vulnerabilities With September 2021 Security Updates

The German software maker released a total of 17 new security notes along with updates for two other notes.
Zoom Introduces End-to-End Encrypted Phone Calls

In addition to one-on-one phone call encryption, Zoom announces Verified Identity and a Bring Your Own Key (BYOK) offering.
Cobalt Strike Beacon Reimplementation 'Vermilion Strike' Targets Windows, Linux

Linux and Windows variants of the payload carry remote access capabilities such as file manipulation and shell command execution.
Swiss Post Offers up to €230,000 for Critical Vulnerabilities in e-Voting System

Security researchers worldwide are invited to hunt for vulnerabilities in the e-voting system as part of a bug bounty program on YesWeHack.
JumpCloud Raises $159 Million at $2.56 Billion Valuation

The company’s platform provides user and device management, helping employees securely access resources necessary for their work.
MikroTik Confirms Mēris Botnet Targets Routers Compromised Years Ago

The vulnerability was patched three years ago, but devices that did not have their passwords reset following the fix are still vulnerable.
Tens of Thousands of Unpatched Fortinet VPNs Hacked via Old Security Flaw

Hackers leaked online credentials stolen from 87,000 VPN devices, affecting roughly 22,500 victims worldwide, including nearly 3,000 in the United States.
Facebook Announces Encrypted WhatsApp Backups

Users will have an end-to-end encryption option when choosing to store their backups in Google Drive or iCloud.
Citrix Patches Hypervisor Vulnerabilities Allowing Host Compromise

The security holes could allow for privileged code running in a guest virtual machine to compromise the host.
Mēris Botnet Flexes Muscles With 22 Million RPS DDoS Attack

A series of recent record-breaking RPS-based DDoS attacks are the result of a new, powerful botnet flexing its muscles to prove its capabilities.
Google Introduces Private Compute Services for Android

Google introduced Private Compute Services for Android, a new suite of services designed to improve privacy in the Android operating system.
Cisco Patches High-Severity Security Flaws in IOS XR

Cisco warns that these vulnerabilities could be exploited by attackers to reboot devices, elevate privileges, or overwrite and read arbitrary files.
HAProxy Vulnerability Leads to HTTP Request Smuggling

A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization.
GitHub Patches Security Flaws in Core Node.js Dependencies

GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks.
US Gov Seeks Public Feedback on Draft Federal Zero Trust Strategy

The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation.
Canadian-US National Sentenced to Prison for Cybercrime Schemes

Ghaleb Alaumary sentenced to prison time for laundering millions from BEC schemes, ATM cash-outs, and bank cyber-heists.

SECURITYWEEK NETWORK:

Security Experts:

Ionut Arghire

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek