Ionut Arghire

Click2Mail Informs Users of Data Breach

USPS affiliate Click2Mail.com has started sending out notices to some of its users about a data breach that impacted their personal information.

Mozilla Hardens Firefox Against Injection Attacks

Mozilla announced a reduced attack surface for code injection in Firefox through the removal of potentially dangerous artifacts such as occurrences of inline scripts and eval()-like functions.

Alleged Hacker Arraigned on $1.4 Million Cryptocurrency Fraud Charges

Anthony Tyler Nashatka, aka psycho, appeared in a US federal court on charges related to his involvement in a scheme aimed at defrauding victims of at least $1.4 million in cryptocurrency.

'Attor' Cyber-Espionage Platform Used in Attacks Aimed at Russia

A recently uncovered highly targeted cyber-espionage platform that uses Tor for network communication has been targeting Russia and Eastern Europe.

Google Patches 8 Vulnerabilities in Chrome 77

Google patches 8 vulnerabilities in Chrome 77, including 5 flaws that have earned researchers $45,000.

NIST and Microsoft Partner to Improve Enterprise Patching Strategies

The National Institute of Standards and Technology (NIST) and Microsoft announced a joint effort aimed at helping enterprises improve their patching strategies.

Magecart Attack on eCommerce Platform Hits Thousands of Online Shops

Magecart hackers have been gathering sensitive information from thousands of online shops after compromising top ecommerce platform and service provider Volusion.

iTunes Zero-Day Vulnerability Exploited by BitPaymer Ransomware

The BitPaymer ransomware operators were observed abusing a zero-day vulnerability in Apple’s iTunes for Windows to run code and evade detection.

Singaporean Indicted in U.S. for Illegal Crypto-Mining

A citizen of Singapore has been charged in the United States for a large-scale cryptocurrency mining operation performed using stolen identity and credit card information.

Tor to Reject End-of-Life Relays by Default

Starting with its next stable release, Tor (The Onion Router) browser will reject End-Of-Life relays by default, the Tor Project has announced.

SAP Patches Critical Vulnerabilities With October 2019 Security Updates

SAP this week released seven new Security Notes as part of the October 2019 Security Patch Day, with two of these notes rated Hot News.

Iranian Hackers Update Spear-Phishing Techniques in Recent Campaign

The Iranian state-sponsored threat actor known as Charming Kitten employed new spear-phishing methods in a recent campaign.

Cybersecurity Firms Partner on Open Source Security Technology Development

A group of cybersecurity companies launch the Open Cybersecurity Alliance (OCA), a joint effort focused on the development of open source security technologies.

Apple Patches 16 Vulnerabilities With macOS Catalina 10.15

Apple’s macOS Catalina 10.15 desktop operating system patches 16 vulnerabilities.

No Patch for Critical Code Execution Flaw Affecting D-Link Routers

A critical remote code execution vulnerability in several D-Link routers that reached their end of life remains unpatched.

New US-UK Agreement Speeds Law Enforcement's Access to User Data

The United States and the United Kingdom have signed an agreement meant to provide law enforcement agencies with faster access to data related to serious crimes.

Google Patches Remote Code Execution Bugs in Android 10

Google’s October 2019 security patches for Android address a total of 26 vulnerabilities, including a couple of remote code execution bugs impacting Android 10.

Code Execution Vulnerability Impacts NSA Reverse Engineering Tool

Versions through 9.0.4 of the Ghidra software reverse engineering (SRE) framework are impacted by a code-execution vulnerability.

Magecart Group Tied to Cobalt Hackers

Security researchers were able to link one of the hacking groups operating under the Magecart umbrella to the infamous threat actor known as the Cobalt Group.

Patches for Internet Explorer Zero-Day Causing Problems for Many Users

Microsoft releases new security patches for an Internet Explorer zero-day vulnerability that was initially addressed on September 23, due to some printing issues, but the new updates are also buggy.

New Campaign Targets Drupalgeddon2 Flaw to Install Malware

Hackers continue to target the Drupal vulnerability named Drupalgeddon2 to install malware onto unpatched systems.

Zero-Day Used in the Wild Impacts Pixel 2, Other Android Phones

Fully patched Pixel 2 devices, even those running Android 10 preview, are impacted by a vulnerability that has already been abused in attacks, a Google researcher has discovered.

Adwind Malware Used in Attacks Against U.S. Petroleum Firms

Attackers using the Adwind remote access Trojan (RAT) are targeting petroleum firms in the United States in a recent campaign.

Former Yahoo Programmer Pleads Guilty to Hacking User Accounts

A former Yahoo software engineer has admitted in court to hacking into the accounts of thousands of the platform’s users.

Singapore Ministry of Defence Launches New Bug Bounty Program

Singapore’s Ministry of Defence (MINDEF) is inviting 400 white-hat hackers to find vulnerabilities in its systems, as part of a three-week bug bounty program.

SECURITYWEEK NETWORK:

Security Experts:

Recent articles by Ionut Arghire

SecurityWeek Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek