Ionut Arghire

Ransomware Attack Knocks 100 Romanian Hospitals Offline

Romanian hospitals turn to pen and paper after ransomware attack on centralized healthcare management system.

February 13, 2024

ExpressVPN User Data Exposed Due to Bug

ExpressVPN disables split tunneling on Windows after learning that DNS requests were not properly directed.

February 12, 2024

Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years

A possibly China-linked threat actor uses a custom backdoor in a cyberespionage campaign ongoing since at least 2021.

February 12, 2024

Exploitation of Another Ivanti VPN Vulnerability Observed

Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins.

February 12, 2024

New macOS Backdoor Linked to Prominent Ransomware Groups

Written in Rust, the new RustDoor macOS backdoor appears linked to Black Basta and Alphv/BlackCat ransomware.

February 9, 2024

Ivanti Patches High-Severity Vulnerability in VPN Appliances

An XXE flaw in Ivanti Connect Secure, Ivanti Policy Secure, and ZTA gateways could lead to unauthenticated access to resources.

February 9, 2024

US Offers $10M Reward for Information on Hive Ransomware Leaders

One year after taking down Hive ransomware, US announces a $10 million reward for information on the group’s key members.

February 9, 2024

Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft

Iran’s offensive cyber operations against Israel went from chaotic in October 2023 to targeting new geographies a month later.

February 8, 2024

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices

Two critical vulnerabilities in Cisco Expressway series devices can be exploited in CSRF attacks without authentication.

February 8, 2024

Google Announces Enhanced Fraud Protection for Android

Google Play Protect will block the installation of sideloaded applications requesting permissions frequently abused by fraudsters.

February 8, 2024

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability

A critical remote code execution vulnerability in Shim could allow attackers to take over vulnerable Linux systems.

February 7, 2024

Verizon Says Data Breach Impacted 63,000 Employees

Verizon is notifying 63,206 employees that their personal information was exposed in an internal data breach.

February 7, 2024

JetBrains Patches Critical Authentication Bypass in TeamCity

JetBrains releases patches for a critical-severity TeamCity authentication bypass leading to remote code execution.

February 7, 2024

Fortinet Patches Critical Vulnerabilities in FortiSIEM

Two critical OS command injection flaws in FortiSIEM could allow remote attackers to execute arbitrary code.

February 7, 2024

Tech Giants Form Post-Quantum Cryptography Alliance

The Linux Foundation, AWS, Cisco, IBM, and other tech companies establish the Post-Quantum Cryptography Alliance.

February 6, 2024

Millions of User Records Stolen From 65 Websites via SQL Injection Attacks

The ResumeLooters hackers compromise recruitment and retail websites using SQL injection and XSS attacks.

February 6, 2024

Canon Patches 7 Critical Vulnerabilities in Small Office Printers

Canon announces patches for seven critical-severity remote code execution flaws impacting small office printer models.

February 6, 2024

Critical Remote Code Execution Vulnerability Patched in Android

Android’s February 2024 security patches resolve 46 vulnerabilities, including a critical remote code execution bug.

February 6, 2024

Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities

Google announces $1 million investment in improving Rust’s interoperability with legacy C++ codebases.

February 5, 2024

QNAP Patches High-Severity Bugs in QTS, Qsync Central

Two high-severity vulnerabilities in QNAP’s operating system could lead to command execution over the network.

February 5, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Ransomware Attack Knocks 100 Romanian Hospitals Offline

ExpressVPN User Data Exposed Due to Bug

Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years

Exploitation of Another Ivanti VPN Vulnerability Observed

New macOS Backdoor Linked to Prominent Ransomware Groups

Ivanti Patches High-Severity Vulnerability in VPN Appliances

US Offers $10M Reward for Information on Hive Ransomware Leaders

Iran Ramps Up Cyberattacks on Israel Amid Hamas Conflict: Microsoft

Cisco Patches Critical Vulnerabilities in Enterprise Communication Devices

Google Announces Enhanced Fraud Protection for Android

Most Linux Systems Exposed to Complete Compromise via Shim Vulnerability

Verizon Says Data Breach Impacted 63,000 Employees

JetBrains Patches Critical Authentication Bypass in TeamCity

Fortinet Patches Critical Vulnerabilities in FortiSIEM

Tech Giants Form Post-Quantum Cryptography Alliance

Millions of User Records Stolen From 65 Websites via SQL Injection Attacks

Canon Patches 7 Critical Vulnerabilities in Small Office Printers

Critical Remote Code Execution Vulnerability Patched in Android

Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities

QNAP Patches High-Severity Bugs in QTS, Qsync Central

Featured

Supply Chain Security

Cybersecurity Firms Impacted by Klue Supply Chain Attack

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Funding/M&A

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Latest News

Artificial Intelligence

French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on Regulation

Malware & Threats

In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum

Malware & Threats

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

Malware & Threats

FortiBleed: 86,000 Fortinet Device Credentials Compromised

Funding/M&A

Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Daily Briefing Newsletter