Ionut Arghire

Security Experts:

WRITE FOR US

Contact Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Recent articles by Ionut Arghire

Iranian Hackers Target Enterprise Android Users With New RatMilad Spyware

The RatMilad spyware has been used indiscriminately in a broad campaign rather than to target specific individuals.
RealDefense Raises $30 Million to Acquire More Privacy, Cybersecurity Firms

RealDefense has raised $30 million from Sunflower Bank, which will help it complete the acquisition of more privacy and cybersecurity firms.
Canadian NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US

Former Canadian government employee Sebastien Vachon-Desjardins was sentenced to prison for participating in NetWalker ransomware attacks.
Critical Packagist Vulnerability Opened Door for PHP Supply Chain Attack

A severe vulnerability impacting Packagist could have been abused to mount supply chain attacks targeting the PHP community.
DHS Tells Federal Agencies to Improve Asset Visibility, Vulnerability Detection

As per Binding Operational Directive 23-01, federal agencies have six months to take the necessary actions to improve asset visibility and vulnerability detection within their networks.
Web Security Company Detectify Raises $10 Million

Domain and web application security firm Detectify has received a $10 million investment from Insight Partners.
Supply Chain Attack Targets Customer Engagement Firm Comm100

CrowdStrike warns of a supply chain attack targeting North American and European organizations across multiple sectors with a trojanized Comm100 installer.
Optus Says ID Numbers of 2.1 Million Compromised in Data Breach

Out of 9.8 million Optus customers, 2.1 million had numbers associated with IDs compromised in a recent data breach.
CISA Warns of Attacks Exploiting Recent Atlassian Bitbucket Vulnerability

CISA has added to its KEV catalog a recent Atlassian Bitbucket flaw and two Microsoft Exchange zero-days.
North Korean Hackers Exploit Dell Driver Vulnerability to Disable Windows Security

North Korea’s Lazarus hackers were seen exploiting a Dell DBUtil driver vulnerability to disable security mechanisms on target Windows machines.
Canon Medical Product Vulnerabilities Expose Patient Information

Trustwave has identified two XSS vulnerabilities in Canon Medical’s Vitrea View medical imaging sharing tool.
CISA Issues Guidance on Transitioning to TLP 2.0

CISA has published guidance for organizations to prepare for the November 1, 2022, move from Traffic Light Protocol (TLP) version 1.0 to TLP 2.0.
DoD Announces Final Results of 'Hack US' Bug Bounty Program

A total of 267 ethical hackers participated in the HackerOne-hosted challenge, including 139 new to the DoD VDP.
Chinese Cyberespionage Group 'Witchetty' Updates Toolset in Recent Attacks

Part of the Cicada group, Witchetty has been observed progressively updating its toolset in recent attacks against Middle Eastern and African targets.
Cisco Patches High-Severity Vulnerabilities in Networking Software

Cisco has announced patches for 12 vulnerabilities in its IOS and IOS XE software, including 10 rated ‘high severity’.
Drupal Updates Patch Vulnerability in Twig Template Engine

Updates announced for Drupal core address a severe vulnerability in Twig that could lead to the leakage of sensitive information.
Auth0 Finds No Breach Following Source Code Compromise

Auth0 says it has not identified a data breach following a third-party’s claim to possess Auth0 older code repositories.
Kaiji Botnet Successor 'Chaos' Targeting Linux, Windows Systems

Black Lotus Labs security researchers have observed Chaos, the successor of the Kaiji DDoS botnet, targeting devices within enterprise environments.
Fast Company Hack Impacts Website, Apple News Account

American business magazine Fast Company confirms Apple News account hijack after its content management system (CMS) was hacked.
L2 Network Security Control Bypass Flaws Impact Multiple Cisco Products

Cisco has confirmed that tens of its enterprise routers and switches are impacted by four bypass vulnerabilities in Layer-2 (L2) network security controls.
Chrome 106 Patches High-Severity Vulnerabilities

Google has released Chrome 106 to the stable channel with patches for 20 vulnerabilities, including 16 externally reported bugs.
Google, Apple Remove 'Scylla' Mobile Ad Fraud Apps After 13 Million Downloads

Cybersecurity firm Human disrupts Scylla ad fraud campaign consisting of 89 mobile applications that gathered over 13 million downloads.
New Infostealer Malware 'Erbium' Offered as MaaS for Thousands of Dollars

Security researchers are warning of a new information stealer named Erbium being distributed as Malware-as-a-Service (MaaS).
Samsung Sued Over Recent Data Breaches

A class action lawsuit filed against Samsung alleges that the company unnecessarily collected user data, then stored and sold it without proper security protections.
Breached American Airlines Email Accounts Abused for Phishing

American Airlines discovered it was breached after receiving reports of employee email accounts being used in phishing attacks.

SECURITYWEEK NETWORK:

Security Experts:

Ionut Arghire

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek