Ionut Arghire

10 Million Likely Impacted by Data Breach at French Unemployment Agency

The personal information of roughly 10 million individuals might have been compromised in a data breach at French unemployment agency Pole Emploi.

August 28, 2023

3 Malware Loaders Detected in 80% of Attacks: Security Firm

QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents.

August 28, 2023

Ohio History Organization Says Personal Information Stolen in Ransomware Attack

Personal information stolen in ransomware attack at Ohio History Connection posted online after organization refuses to pay ransom.

August 28, 2023

North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

North Korea-linked Lazarus Group exploited a ManageEngine vulnerability to compromise an internet backbone infrastructure provider.

August 25, 2023

Cypago Raises $13 Million for GRC Automation Platform

Israeli startup Cypago raises $13 million in funding and launches a governance, risk management and compliance (GRC) automation platform.

August 25, 2023

Google Workspace Introduces New AI-Powered Security Controls

Google has announced new AI-powered zero trust, digital sovereignty, and threat defense controls for Workspace customers.

August 25, 2023

University of Minnesota Confirms Data Breach, Says Ransomware Not Involved

University of Minnesota confirms data was stolen from its systems, says no malware infection or file encryption has been identified.

August 24, 2023

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks

Cisco has released patches for three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) conditions.

August 24, 2023

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

The FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.

August 24, 2023

Digital Identity Protection Firm SpyCloud Raises $110 Million

Account takeover and fraud protection firm SpyCloud has raised $110 million in a growth funding round led by Riverwood Capital.

August 24, 2023

Hosting Provider CloudNordic Loses All Customer Data in Ransomware Attack

Danish cloud hosting provider CloudNordic says most customers lost all data after ransomware shut down all its systems and servers.

August 24, 2023

FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers

The FBI has published information on six crypto wallets in which North Korean hackers moved roughly 1,580 Bitcoin from various heists.

August 23, 2023

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

August 23, 2023

US Government Publishes Guidance on Migrating to Post-Quantum Cryptography

CISA, NSA, and NIST urge organizations to create quantum-readiness roadmaps and prepare for post-quantum cryptography migration.

August 23, 2023

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities

Google has released the first weekly Chrome security update, which patches five memory safety vulnerabilities, including four rated ‘high severity’.

August 23, 2023

TP-Link Smart Bulb Vulnerabilities Expose Households to Hacker Attacks

Vulnerabilities in the TP-Link Tapo L530E smart bulb and accompanying mobile application can be exploited to obtain the local Wi-Fi password.

August 22, 2023

US Military Targeted in Recent HiatusRAT Attack

The threat actor behind HiatusRAT was seen performing reconnaissance against a US military procurement system in June 2023.

August 22, 2023

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong.

August 22, 2023

Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications

Cerby has raised $17 million in Series A funding for its access management platform for applications not supported by identity providers.

August 22, 2023

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Cyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator.

August 21, 2023

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

10 Million Likely Impacted by Data Breach at French Unemployment Agency

3 Malware Loaders Detected in 80% of Attacks: Security Firm

Ohio History Organization Says Personal Information Stolen in Ransomware Attack

North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw

Cypago Raises $13 Million for GRC Automation Platform

Google Workspace Introduces New AI-Powered Security Controls

University of Minnesota Confirms Data Breach, Says Ransomware Not Involved

Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks

FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective

Digital Identity Protection Firm SpyCloud Raises $110 Million

Hosting Provider CloudNordic Loses All Customer Data in Ransomware Attack

FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers

3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability

US Government Publishes Guidance on Migrating to Post-Quantum Cryptography

First Weekly Chrome Security Update Patches High-Severity Vulnerabilities

TP-Link Smart Bulb Vulnerabilities Expose Households to Hacker Attacks

US Military Targeted in Recent HiatusRAT Attack

New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack

Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications

Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer

Featured

Artificial Intelligence

Industry Reactions to Claude Fable 5: Feedback Friday

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Incident Response

Alert Fatigue Is Becoming a Security Threat of Its Own

ICS/OT

Siemens Says Desigo CC Files Flagged as Malware by Security Engines

Vulnerabilities

Microsoft Patches Exploited Exchange Server Vulnerability

ICS/OT

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers

Latest News

Supply Chain Security

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

Artificial Intelligence

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

Management & Strategy

In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Artificial Intelligence

Anthropic Disputes Fable 5 AI Jailbreak

Daily Briefing Newsletter