Ionut Arghire

Xenomorph Android Banking Trojan Targeting Users in US, Canada

The Xenomorph Android banking trojan can now mimic financial institutions in the US and Canada and is also targeting crypto wallets.

September 26, 2023

$200 Million in Cryptocurrency Stolen in Mixin Network Hack

Mixin Network suspends deposits and withdrawals after hackers steal $200 million in digital assets from its centralized database.

September 26, 2023

Stealthy APT Gelsemium Seen Targeting Southeast Asian Government

A stealthy APT known as Gelsemium has been observed targeting a government entity in Southeast Asia for persistence and intelligence collection.

September 25, 2023

Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role

Kosi Goodness Simon-Ebo, a Nigerian national, pleaded guilty in a US court to his involvement in a million-dollar BEC fraud scheme.

September 25, 2023

City of Dallas Details Ransomware Attack Impact, Costs

City of Dallas has approved an $8.5 million budget to restore systems following a Royal ransomware attack in May 2023.

September 25, 2023

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers.

September 25, 2023

Air Canada Says Employee Information Accessed in Cyberattack

Canada’s largest airline says the personal information of some employees was accessed in a recent cyberattack.

September 22, 2023

BIND Updates Patch Two High-Severity DoS Vulnerabilities

The latest BIND security updates include patches for two high-severity DoS vulnerabilities that can be exploited remotely.

September 22, 2023

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

CISA says Known Exploited Vulnerabilities Catalog has helped federal agencies significantly accelerate their vulnerability remediation pace.

September 22, 2023

TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data

TransUnion denies suffering a breach after a hacker publishes 3GB of data allegedly stolen from the credit reporting firm.

September 21, 2023

Legit Security Raises $40 Million in Series B Financing

Legit Security raises $40 million in a Series B funding round led by CRV to help organizations protect the software supply chain from attacks

September 21, 2023

Atlassian Security Updates Patch High-Severity Vulnerabilities

Atlassian has released patches for multiple high-severity vulnerabilities in Jira, Confluence, Bitbucket, and Bamboo products.

September 21, 2023

Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks

The FBI and CISA are warning critical infrastructure organizations of ongoing Snatch ransomware attacks, which also involve data exfiltration.

September 21, 2023

Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement

Finnish authorities have seized the drugs marketplace Piilopuoti, which has been operating on the Tor network since May 2022.

September 20, 2023

Discern Security Emerges From Stealth Mode With $3 Million in Funding

Policy management cybersecurity startup Discern Security on Tuesday emerged from stealth mode with $3 million in funding.

September 20, 2023

DHS Publishes New Recommendations on Cyber Incident Reporting

DHS has published a new set of recommendations to help federal agencies better report cyber incidents and protect critical infrastructure.

September 20, 2023

GitLab Patches Critical Pipeline Execution Vulnerability

GitLab has released security updates to address a critical-severity vulnerability allowing an attacker to run pipelines as another user.

September 20, 2023

Alcion Raises $21 Million for Backup-as-a-Service Platform

Data management startup Alcion has raised $21 million in a Series A funding round led by Veeam to expand its market presence.

September 19, 2023

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

New versions of Pakistan-linked APT Transparent Tribe’s CapraRAT Android trojan mimic the appearance of YouTube.

September 19, 2023

Thousands of Juniper Appliances Vulnerable to New Exploit

VulnCheck details a new fileless exploit targeting a recent Junos OS vulnerability that thousands of devices have not been patched against.

September 19, 2023

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Xenomorph Android Banking Trojan Targeting Users in US, Canada

$200 Million in Cryptocurrency Stolen in Mixin Network Hack

Stealthy APT Gelsemium Seen Targeting Southeast Asian Government

Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role

City of Dallas Details Ransomware Attack Impact, Costs

In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

Air Canada Says Employee Information Accessed in Cyberattack

BIND Updates Patch Two High-Severity DoS Vulnerabilities

Faster Patching Pace Validates CISA’s KEV Catalog Initiative

TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data

Legit Security Raises $40 Million in Series B Financing

Atlassian Security Updates Patch High-Severity Vulnerabilities

Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks

Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement

Discern Security Emerges From Stealth Mode With $3 Million in Funding

DHS Publishes New Recommendations on Cyber Incident Reporting

GitLab Patches Critical Pipeline Execution Vulnerability

Alcion Raises $21 Million for Backup-as-a-Service Platform

Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices

Thousands of Juniper Appliances Vulnerable to New Exploit

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Vulnerabilities

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Daily Briefing Newsletter