Ionut Arghire

Android’s March 2023 Updates Patch Over 50 Vulnerabilities

Google has released patches for more than 50 vulnerabilities as part of the March 2023 security updates for the Android platform.

March 7, 2023

New ATM Malware ‘FiXS’ Emerges

Metabase Q documents FiXS, a new malware family targeting ATMs in Latin America.

March 6, 2023

New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

Microsoft and Mitre release Arsenal plugin to help cybersecurity professionals emulate attacks on machine learning (ML) systems.

March 6, 2023

Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

Play ransomware operators have leaked data allegedly stolen from the City of Oakland last month.

March 6, 2023

Cybercrime Marketplace Leaks Over 2.1 Million Payment Cards

Carding marketplace BidenCash last week released information on more than 2.1 million credit and debit cards.

March 6, 2023

Thousands of Websites Hijacked Using Compromised FTP Credentials

Cybersecurity startup Wiz warns of a widespread redirection campaign in which thousands of websites have been compromised using legitimate FTP credentials.

March 3, 2023

Organizations Warned of Royal Ransomware Attacks

FBI and CISA have issued an alert to warn organizations of the risks associated with Royal ransomware attacks.

March 3, 2023

Over 71k Impacted by Credential Stuffing Attacks on Chick-fil-A Accounts

Chick-fil-A is informing users that their accounts have been compromised in a two-month-long credential stuffing campaign.

March 3, 2023

BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems

ESET says the BlackLotus UEFI bootkit can bypass secure boot on fully updated Windows 11 systems.

March 2, 2023

Canadian Bookstore Chain Indigo Says Employee Data Stolen in Ransomware Attack

Canadian bookstore chain Indigo this week confirmed that employee data was stolen in a ransomware attack last month.

March 2, 2023

Cisco Patches Critical Vulnerability in IP Phones

Cisco has released patches for a critical remote code execution vulnerability in certain IP phones.

March 2, 2023

GitHub Secret Scanning Now Generally Available

GitHub this week made secret scanning generally available and free for all public repositories.

March 2, 2023

Two Hacking Groups Seen Targeting Materials Sector in Asia

Two APTs, named Winnti and Clasiopa, have been observed targeting Asian organizations in the materials sector.

March 1, 2023

Several Law Firms Targeted in Malware Attacks

In January and February 2023, six law firms were targeted with the GootLoader and SocGholish malware in two separate campaigns.

March 1, 2023

Google Workspace Client-Side Encryption Now Generally Available in Gmail, Calendar

Google this week made client-side encryption for Gmail and Calendar available for Workspace customers.

March 1, 2023

South American Cyberspies Impersonate Colombian Government in Recent Campaign

The South American cyberespionage group Blind Eagle has been observed impersonating a Colombian government tax agency in recent attacks.

March 1, 2023

Ransomware Attack Hits US Marshals Service

The US Marshals Service has confirmed that ransomware was deployed on one of its systems that contains sensitive law enforcement information.

February 28, 2023

New ‘Exfiltrator-22’ Post-Exploitation Framework Linked to Former LockBit Affiliates

A recently identified post-exploitation framework ‘Exfiltrator-22’ uses the same C&C infrastructure as the LockBit ransomware.

February 28, 2023

Vouched Raises $6.3 Million for Identity Verification Platform

AI-driven identity verification platform Vouched has raised $6.3 million in a funding round led by BHG VC and SpringRock Ventures.

February 28, 2023

US Sanctions Several Entities Aiding Russia’s Cyber Operations

US Department of Treasury has announced a fresh set of sanctions against entities helping Russia in the war against Ukraine.

February 27, 2023

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Android’s March 2023 Updates Patch Over 50 Vulnerabilities

New ATM Malware ‘FiXS’ Emerges

New Tool Made by Microsoft and Mitre Emulates Attacks on Machine Learning Systems

Ransomware Operators Leak Data Allegedly Stolen From City of Oakland

Cybercrime Marketplace Leaks Over 2.1 Million Payment Cards

Thousands of Websites Hijacked Using Compromised FTP Credentials

Organizations Warned of Royal Ransomware Attacks

Over 71k Impacted by Credential Stuffing Attacks on Chick-fil-A Accounts

BlackLotus Bootkit Can Target Fully Patched Windows 11 Systems

Canadian Bookstore Chain Indigo Says Employee Data Stolen in Ransomware Attack

Cisco Patches Critical Vulnerability in IP Phones

GitHub Secret Scanning Now Generally Available

Two Hacking Groups Seen Targeting Materials Sector in Asia

Several Law Firms Targeted in Malware Attacks

Google Workspace Client-Side Encryption Now Generally Available in Gmail, Calendar

South American Cyberspies Impersonate Colombian Government in Recent Campaign

Ransomware Attack Hits US Marshals Service

New ‘Exfiltrator-22’ Post-Exploitation Framework Linked to Former LockBit Affiliates

Vouched Raises $6.3 Million for Identity Verification Platform

US Sanctions Several Entities Aiding Russia’s Cyber Operations

Featured

Artificial Intelligence

Industry Reactions to Claude Fable 5: Feedback Friday

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Cybercrime

Google Confirms Exploitation of Oracle PeopleSoft Zero-Day by ShinyHunters

Incident Response

Alert Fatigue Is Becoming a Security Threat of Its Own

ICS/OT

Siemens Says Desigo CC Files Flagged as Malware by Security Engines

Vulnerabilities

Microsoft Patches Exploited Exchange Server Vulnerability

ICS/OT

Critical HVAC and UPS Vulnerabilities Could Let Hackers Disrupt Data Centers

Latest News

Supply Chain Security

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

Artificial Intelligence

Anthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export Controls

Management & Strategy

In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine

ICS/OT

Iranian Cyber Group Handala Claims Cal Water Hack

Vulnerabilities

Ivanti Sentry Exploitation Attempts Hitting Honeypots

Vulnerabilities

Chrome 149 Update Patches 28 Vulnerabilities

Artificial Intelligence

Anthropic Disputes Fable 5 AI Jailbreak

Daily Briefing Newsletter