Ionut Arghire

Security Experts:

WRITE FOR US

Contact Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Recent articles by Ionut Arghire

Cisco, F5 Networks Investigate libssh Vulnerability Impact

Cisco and F5 Networks are investigating the possible impact of the recently patched libssh vulnerability on their products, while other vendors have concluded similar investigations
Flaw in Media Library Impacts VLC, Other Software

A code execution vulnerability in the LIVE555 Streaming Media library impacts VLC, MPlayer and other applications
Recent Branch.io Patch Creates New XSS Flaw

Patch for a recently disclosed XSS vulnerability in Branch.io introduced another similar flaw
Google Boosts Android Security with Protected Confirmation

Google further improves Android security with new Protected Confirmation API
NSA-Linked 'DarkPulsar' Exploit Tool Detailed

Kaspersky Lab researchers have analyzed DarkPulsar, another exploit supposedly stolen from the NSA-linked Equation Group
0-Day in jQuery Plugin Impacts Thousands of Applications

Thousands of projects are possibly impacted by a jQuery File Upload plugin vulnerability that has been actively exploited in the wild
Chinese Hackers Use 'Datper' Trojan in Recent Campaign

A China-linked cyber espionage group known as Tick was observed using the Datper malware in a recent campaign
Mozilla Brings Encrypted SNI to Firefox Nightly

Mozilla announces that Firefox Nightly now supports encrypting the Transport Layer Security (TLS) Server Name Indication (SNI) extension
Flaws Open Telepresence Robots to Prying Eyes

Celia/VGo telepresence robots from Vecna are affected by several vulnerabilities
Apple's Revamped Privacy Website Offers Users Access to Their Data

Apple users can now get a copy of the data the tech giant has on them, directly from a refreshed and expanded privacy website rolled out this week
Google Pixel 3 Improves Data Protection with Security Chip

Google has packed the recently launched Pixel 3 and Pixel 3 XL devices with Titan M, a security chip that can better protect information at hardware level
'Operation Oceansalt' Reuses Code from Chinese Group APT1

A recently observed cyber-espionage campaign targeting South Korea, the United States and Canada is reusing malicious code previously associated with state-sponsored Chinese group APT1
Chrome 70 Updates Sign-In Options, Patches 23 Flaws

Google released Chrome 70 on Tuesday and the latest version brings updated sign-in options and patches for 23 vulnerabilities
LuminosityLink RAT Author Sentenced to 30 Months in Prison

The maker of the LuminosityLink RAT was sentenced to 30 months in federal prison
'GreyEnergy' Cyberspies Target Ukraine, Poland

A cyber espionage group named GreyEnergy, linked by researchers to Russia's BlackEnergy, has been targeting energy and transportation companies in Ukraine and other countries
Oracle's October 2018 Update Includes 301 Security Fixes

Oracle’s October 2018 Critical Patch Update (CPU) includes 301 security fixes, bringing the total number of patches released this year to 1,119
Malicious RTF Documents Deliver Information Stealers

A newly discovered infection campaign is leveraging malicious RTF files to deliver information-stealing Trojans without being detected
Major Browsers to Kill TLS 1.0, 1.1

All major web browsers will deprecate support for the older Transport Layer Security (TLS) 1.0 and 1.1 protocols in the first half of 2020
FDA Warns of Flaws in Medtronic Programmers

A vulnerability in the software update process of certain Medtronic Programmer models has determined the company to block the functionality on some devices
Google Boosts Protection of Backups in Android

The latest Android leverages Google Cloud’s Titan technology to better protect users’ backed-up application data
Microsoft Incompletely Patches JET Database Vulnerability

A patch released by Microsoft for a serious vulnerability affecting its JET Database Engine is incomplete
U.S. Senators Demand Internal Memo Related to Google+ Incident

A group of United States senators sent a letter to Google, urging it to provide an internal memo that supposedly explains why the company did not disclose the Google+ data exposure that was discovered in March.
Hackers Exploit Drupalgeddon2 to Install Backdoor

Hackers exploit the Drupal vulnerability known as Drupalgeddon2 to install a backdoor on compromised servers
Google Hardens Android Kernel

Google has made the Android kernel more resilient to code reuse attacks, courtesy of implemented support for LLVM’s Control Flow Integrity (CFI).
Mozilla Delays Distrust of Symantec Certificates

Mozilla this week announced that the distrust of older Symantec certificates, initially planned for Firefox 63, will be delayed.

SECURITYWEEK NETWORK:

Security Experts:

Ionut Arghire

Recent articles by Ionut Arghire

SecurityWeek Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek