Ionut Arghire

Russia-Linked RomCom Hackers Targeting NATO Summit Guests

A recent RomCom cyber operation has been targeting NATO Summit guests and other entities supporting Ukraine.

July 11, 2023

Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack

Critical infrastructure services provider Ventia has taken some systems offline following a cyberattack.

July 10, 2023

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

PoC exploit has been published for a recently patched Ubiquiti EdgeRouter vulnerability leading to arbitrary code execution.

July 10, 2023

Critical Vulnerability Can Allow Takeover of Mastodon Servers

A critical vulnerability in the Mastodon social networking platform may allow attackers to take over target servers.

July 10, 2023

Iranian Cyberspies Target US-Based Think Tank With New macOS Malware

In May 2023, Iran-linked cyberespionage group Charming Kitten targeted a US-based think tank with new macOS malware.

July 7, 2023

Security Firm Finds Over 130k Internet-Exposed Photovoltaic Diagnostics Systems

Cyble has discovered more than 130,000 Photovoltaic monitoring and diagnostic solutions exposed to the internet.

July 7, 2023

Two Apps Hosted on Google Play Caught Sending User Data to Chinese Servers

Two applications hosted on Google Play, with over 1.5 million combined downloads, were caught sending user data to servers in China.

July 7, 2023

Android Security Updates Patch 3 Exploited Vulnerabilities

Google’s July 2023 security updates for Android patches 43 vulnerabilities, including three exploited in the wild.

July 6, 2023

28,000 Impacted by Data Breach at Pepsi Bottling Ventures

The personal, financial, and health information of over 28,000 individuals stolen in data breach at Pepsi Bottling Ventures.

July 6, 2023

Interpol: Key Member of Major Cybercrime Group Arrested in Africa

Law enforcement authorities have arrested a suspected senior member of the French-speaking Opera1er cybercrime group.

July 6, 2023

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic

Cisco says a high-severity vulnerability in Nexus 9000 series switches could allow attackers to intercept and modify encrypted traffic.

July 6, 2023

Japan’s Nagoya Port Suspends Cargo Operations Following Ransomware Attack

Japan’s Port of Nagoya this week suspended cargo loading and unloading operations following a ransomware attack.

July 5, 2023

Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities

Mozilla has released Firefox 115 to the stable channel with patches for two high-severity use-after-free vulnerabilities.

July 5, 2023

VMware, Other Tech Giants Announce Push for Confidential Computing Standards

VMware partners with tech giants to accelerate the development of confidential computing applications.

July 3, 2023

200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ Plugin

Attackers exploit critical vulnerability in the Ultimate Member plugin to create administrative accounts on WordPress websites.

June 30, 2023

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses

Use-after-free and OS command injection vulnerabilities reach the top five most dangerous software weaknesses in the 2023 CWE Top 25 list.

June 30, 2023

Proton Launches Open Source Password Manager

Proton makes its open source Proton Pass password manager globally available for major browsers and mobile devices.

June 30, 2023

IP Fabric Raises $25 Million in Series B Funding

IP Fabric raises $25 million in new financing to build technology in the enterprise network assurance space.

June 29, 2023

Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution

Researchers publish PoC for a high-severity authentication bypass vulnerability in the Arcserve UDP data backup solution.

June 29, 2023

New MIT Framework Evaluates Side-Channel Attack Mitigations

The framework helps evaluate the effectiveness of obfuscation side-channel mitigation schemes against data leaks.

June 29, 2023

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Russia-Linked RomCom Hackers Targeting NATO Summit Guests

Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack

PoC Exploit Published for Recent Ubiquiti EdgeRouter Vulnerability

Critical Vulnerability Can Allow Takeover of Mastodon Servers

Iranian Cyberspies Target US-Based Think Tank With New macOS Malware

Security Firm Finds Over 130k Internet-Exposed Photovoltaic Diagnostics Systems

Two Apps Hosted on Google Play Caught Sending User Data to Chinese Servers

Android Security Updates Patch 3 Exploited Vulnerabilities

28,000 Impacted by Data Breach at Pepsi Bottling Ventures

Interpol: Key Member of Major Cybercrime Group Arrested in Africa

Vulnerability in Cisco Enterprise Switches Allows Attackers to Modify Encrypted Traffic

Japan’s Nagoya Port Suspends Cargo Operations Following Ransomware Attack

Firefox 115 Patches High-Severity Use-After-Free Vulnerabilities

VMware, Other Tech Giants Announce Push for Confidential Computing Standards

200,000 WordPress Sites Exposed to Attacks Exploiting Flaw in ‘Ultimate Member’ Plugin

MITRE Updates CWE Top 25 Most Dangerous Software Weaknesses

Proton Launches Open Source Password Manager

IP Fabric Raises $25 Million in Series B Funding

Serious Vulnerability Exposes Admin Interface of Arcserve UDP Backup Solution

New MIT Framework Evaluates Side-Channel Attack Mitigations

Featured

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Data Breaches

French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker

Latest News

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Vulnerabilities

Joomla, LiteSpeed Vulnerabilities Exploited in Attacks

Data Breaches

iRhythm Confirms Data Stolen in Hack

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Daily Briefing Newsletter