Ionut Arghire

Privacy Startup Soveren Raises $6.5 Million Seed Round

Soveren is building technology for businesses to detect and resolve privacy incidents and stay compliant with GDPR and other regulations.

'Sabbath' Ransomware Operators Target Critical Infrastructure

Security experts warn that the 'Sabbath' ransomware group is targeting organizations in education, health and natural resources in both the United States and Canada.

North Korean Hackers Use New 'Chinotto' Malware to Target Windows, Android Devices

Newly observed attacks bear the characteristics observed in previous ScarCruft campaigns, including similar tooling and the same target pool.

Marine Services Provider Swire Pacific Offshore Discloses Data Breach

The Singapore company says an unauthorized party accessed confidential proprietary commercial information and personal data.

CISA Releases Guidance on Securing Enterprise Mobile Devices

The Enterprise Mobility Management (EMM) system checklist was designed to help mitigate vulnerabilities and protect business environments.

Ransomware Operators Threaten to Leak 1.5TB of Supernus Pharmaceuticals Data

The biopharmaceutical company says it has no plans to pay a ransom, but warns of potential exploitation of the improperly obtained data.

IoT Security Company Shield-IoT Raises $7.4 Million

The company says it can detect anomalies within minutes through transforming big data into small data sets.

Two Nigerians Sentenced to Prison in U.S. for Role in BEC Scams

Opeyemi Abidemi Adeoso was sentenced to 151 months in federal prison, while Benjamin Adeleke Ifebajo was sentenced to 120 months in prison.

CISA, FBI Warn of Potential Critical Infrastructure Attacks on Holidays

All organizations – especially critical infrastructure entities – are encouraged to improve their security stance to prevent potentially impactful cyberattacks.

Researcher Awarded $10,000 for Google Cloud Platform Vulnerability

The access token for a Google Cloud project could be leaked, thus allowing users to elevate privileges in other internal projects.

PoC Exploit Published for Latest Microsoft Exchange Zero-Day

Proof-of-concept (PoC) exploit code has been published for recently patched vulnerability in Microsoft Exchange Server.

Low Code/No Code App Security Firm Zenity Emerges From Stealth

The company announced a $5 million funding round that will help it expand customer acquisition, marketing, product, and research and development operations.

Biomanufacturing Facilities Warned of Attacks Involving Sophisticated Malware

New Tardigrade variant of Smoke Loader was detected within the networks of two biomanufacturing facilities roughly half a year apart.

Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications

Claroty researchers document a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN.

U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation

Security response agencies warn the Zoho flaw puts academic institutions, critical infrastructure and defense contractors are at high risk for APT attacks.

Researchers Hack Conti Ransomware Infrastructure

Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti ransomware, which allowed them to gain insight into its inner workings.

Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients

Utah Imaging Associates has started informing over 583,000 former and current patients who might have been affected by the incident.

Canadian Teen Arrested Over Theft of $36 Million in Cryptocurrency

Employing SIM swapping, cybercriminals managed to steal roughly $36.5 million from a single victim.

California Pizza Kitchen Says Employee Data Stolen in Breach

The pizza chain says hackers were able to access certain files on its systems in a cyberattack that was identified on September 15.

SnapAttack Spins Out of Booz Allen Hamilton With $8 Million in Funding

The new cloud-based software solution delivers actionable threat intelligence and adversary detection to help with the deployment of proactive security measures.

North Korean Hacker Group Intensifies Espionage Campaigns

Throughout 2021, the threat actor tracked as TA406 has been targeting organizations in sectors such as education, government, media, and research.

Microsoft Informs Users of High-Severity Vulnerability in Azure AD

The vulnerability allowed for private key data to be stored in clear text, enabling an attacker to elevate privileges to Contributor and potentially access sensitive information.

FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability

The security bug has been exploited in attacks since at least May 2021 to drop a webshell providing root access and the possibility of performing further nefarious activities.

Cloud Data Protection Startup Laminar Closes $32M Funding Round

Public cloud data protection provider Laminar has emerged from stealth with $32 million in Series A funding led by Insight Partners.

U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws

The governmental agencies in the U.S., U.K, and Australia issued a joint advisory to warn of Iranian APTs exploiting Fortinet and Microsoft Exchange vulnerabilities.

SECURITYWEEK NETWORK:

Security Experts:

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek