Ionut Arghire

U.S. Shares Information on North Korean Threat Actor 'Kimsuky'

An alert issued by the United States this week provides information on Kimsuky, a threat actor focused on gathering intelligence on behalf of the North Korean government.

Payment and Data Security Firm Bluefin Raises $25 Million

Payment and data security solutions provider Bluefin on Wednesday announced it has raised $25 million in growth financing.

Compromised CMS Credentials Likely Used to Hack Trump Campaign Website

Security researchers believe that compromised credentials were used by hackers to access the content management system behind Donald Trump’s campaign website.

21 Malicious Apps Downloaded 8 Million Times From Google Play

Despite Google’s best efforts to keep Android users safe, malware does manage to slip into Google Play from time to time, and the 21 malicious apps that Avast identified recently are proof of that.

Microsoft Introduces New Password Spray Detection for Azure

Microsoft this week announced the availability of a new password spray detection for Azure AD Identity Protection customers.

Cyber Espionage Detection Firm Strider Technologies Raises $10 Million

Strider Technologies, a company that provides solutions for combating cyber espionage, on Tuesday announced that it raised $10 million in Series A funding. To date, the startup has raised $12 million.

Law Firm Says Google Employee Information Compromised in Data Breach

Fragomen, a law firm that provides Google with I-9 employment verification compliance services, says personal information of some people was compromised in a recent data breach.

Link Previews in Chat Apps Pose Privacy, Security Issues: Researchers

Analysis of the manner in which popular chat applications handle link previews has revealed several privacy and security issues, including some that still need addressing, security researchers warn.

NVIDIA Patches Code Execution Flaws in GeForce Experience

Patches released by NVIDIA last week for the GeForce Experience software address two code execution bugs assessed with a severity rating of high.

HPE Patches Two Critical, Remotely Exploitable Vulnerabilities

HPE has released patches for two critical vulnerabilities, one identified in StoreServ Management Console and the other affecting BlueData EPIC Software Platform and Ezmeral Container Platform.

Apple Notarizes Six New Variants of 'MacOffers' Adware

Apple has inadvertently given the thumbs up to six new malware variants, according to researchers at Mac security solutions provider Intego.

U.S. Treasury Sanctions Russian Institute Linked to Triton Malware

The US Department of the Treasury has announced sanctions against a Russian government institute connected to the destructive Triton malware.

Microsoft, MITRE Release Adversarial Machine Learning Threat Matrix

Microsoft and MITRE, in collaboration with a dozen other organizations, have developed a framework designed to help identify, respond to, and remediate attacks targeting machine learning (ML) systems.

Chrome 86 Starts Blocking Abusive Notification Permission Requests

Google has stepped up its effort against websites that have a history of sending abusive notification content, by blocking notification permission requests in Chrome 86.

Destructive Malware Spotted in Recent Attacks Launched by Iranian Cyberspies

The Iran-linked cyber-espionage group known as Seedworm appears to have added a new downloader to its arsenal and to have started conducting destructive attacks.

U.S. Says Russian Hackers Stole Data From Two Government Servers

The FBI and CISA say the Russian state-sponsored hacking group Energetic Bear has successfully compromised government networks and stole data from at least two servers.

XSS Vulnerability Exploited in Tech Support Scam

Malwarebytes security researchers have identified a new campaign in which tech support scammers are exploiting an XSS vulnerability and are relying exclusively on links posted on Facebook to reach potential victims.

Arctic Wolf Valued at $1.3 Billion After $200 Million Funding Round

Security operations company Arctic Wolf on Thursday announced the closing of a $200 million Series E funding round that values it at $1.3 billion.

QNAP Issues Advisory on Zerologon Vulnerability

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its NAS devices, are affected by the Zerologon vulnerability.

Oracle's October 2020 CPU Contains 402 New Security Patches

Oracle on Tuesday released its Critical Patch Update (CPU) for October 2020, which includes 402 new security patches released across the company’s product portfolio.

Microsoft Says Most TrickBot Servers Are Down

Most of the servers associated with the TrickBot botnet have been taken down following the technical and legal effort announced last week, Microsoft says.

IoT Security Foundation Launches Vulnerability Reporting Platform

The Internet of Things Security Foundation (IoTSF), an effort aimed at improving the security of IoT, has launched an online platform designed to make the reporting of vulnerabilities in IoT devices easier.

NSA Lists 25 Vulnerabilities Currently Targeted by Chinese State-Sponsored Hackers

The NSA this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors.

New TrickBot Control Servers Unable to Respond to Bot Requests

Control servers included in the configuration file of new TrickBot samples fail to respond to bot requests.

Security Testing Company NSS Labs Ceases Operations

Austin, Texas-based security product testing company NSS Labs has announced that it ceased operations on October 15, 2020.