Ionut Arghire

Ransomware Groups Abuse Microsoft Services for Initial Access

Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users.

January 21, 2025

Students, Educators Impacted by PowerSchool Data Breach

PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.

January 21, 2025

Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes

Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover.

January 20, 2025

FCC Taking Action in Response to China’s Telecoms Hacking

The FCC adopts declaratory ruling requiring telecommunications providers to secure their networks against nation-states and other threats.

January 20, 2025

CISA, FBI Update Software Security Recommendations

CISA and the FBI have updated their guidance regarding risky software security bad practices based on feedback received from the public.

January 20, 2025

US Government Agencies Call for Closing the Software Understanding Gap

CISA and other agencies call to action for the US government to take steps to close the software understanding gap.

January 17, 2025

Wolf Haldenstein Data Breach Impacts 3.4 Million People

Law firm Wolf Haldenstein Adler Freeman & Herz LLP says more than 3.4 million people were impacted by a December 2023 data breach.

January 17, 2025

Google Releases Open Source Library for Software Composition Analysis

Google releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning.

January 17, 2025

US Announces Sanctions Against North Korean Fake IT Worker Network

The US Treasury has sanctioned two individuals and four entities involved in the North Korean fake IT worker scheme.

January 17, 2025

Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise

Three vulnerabilities in SimpleHelp could allow attackers to compromise the remote access software’s server and the client machine.

January 17, 2025

Wultra Raises €3 Million for Post-Quantum Authentication

Authentication solutions provider Wultra has raised €3 million (~$3.1 million) for its post-quantum technology.

January 16, 2025

380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy

Cannabis retailer Stiiizy says hackers stole the personal information of 380,000 consumers from one of its vendors.

January 16, 2025

North Korean Hackers Targeting Freelance Software Developers

North Korea-linked Lazarus Group is targeting freelance software developers to compromise the supply chain.

January 16, 2025

Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes

A vulnerability in Google’s OAuth implementation allows takeover of old employee accounts when domain ownership changes.

January 15, 2025

Chrome 132 Patches 16 Vulnerabilities

Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects.

January 15, 2025

Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities

Nvidia, Zoom, and Zyxel have released patches for multiple high-severity vulnerabilities across their products.

January 15, 2025

US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists

The US, Japan, and South Korea say North Korean hackers stole roughly $660 million in cryptocurrency last year.

January 15, 2025

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

Ivanti has released patches for multiple vulnerabilities in Endpoint Manager (EPM), including four critical-severity flaws.

January 15, 2025

SAP Patches Critical Vulnerabilities in NetWeaver

SAP has released 14 security notes on January 2025 Patch Day, including two addressing critical vulnerabilities in NetWeaver.

January 14, 2025

Compromised AWS Keys Abused in Codefinger Ransomware Attacks

A ransomware group tracked as Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C.

January 14, 2025

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Ransomware Groups Abuse Microsoft Services for Initial Access

Students, Educators Impacted by PowerSchool Data Breach

Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes

FCC Taking Action in Response to China’s Telecoms Hacking

CISA, FBI Update Software Security Recommendations

US Government Agencies Call for Closing the Software Understanding Gap

Wolf Haldenstein Data Breach Impacts 3.4 Million People

Google Releases Open Source Library for Software Composition Analysis

US Announces Sanctions Against North Korean Fake IT Worker Network

Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise

Wultra Raises €3 Million for Post-Quantum Authentication

380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy

North Korean Hackers Targeting Freelance Software Developers

Google OAuth Flaw Leads to Account Takeover When Domain Ownership Changes

Chrome 132 Patches 16 Vulnerabilities

Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities

US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

SAP Patches Critical Vulnerabilities in NetWeaver

Compromised AWS Keys Abused in Codefinger Ransomware Attacks

Featured

Cybercrime

Canadian Airline WestJet Hit by Cyberattack

Government

Industry Reactions to Trump Cybersecurity Executive Order: Feedback Friday

Vulnerabilities

Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking

Artificial Intelligence

The AI Arms Race: Deepfake Generation vs. Detection

IoT Security

New ‘SmartAttack’ Steals Air-Gapped Data Using Smartwatches

Cybercrime

Interpol Targets Infostealers: 20,000 IPs Taken Down, 32 Arrested, 216,000 Victims Notified

Artificial Intelligence

Cyera Raises $540 Million to Expand AI-Powered Data Security Platform

Latest News

Cloud Security

Google’s $32 Billion Wiz Deal Draws DOJ Antitrust Scrutiny: Report

Tracking & Law Enforcement

Archetyp Dark Web Market Shut Down by Law Enforcement

Data Breaches

Asheville Eye Associates Says 147,000 Impacted by Data Breach

Data Breaches

Zoomcar Says Hackers Accessed Data of 8.4 Million Users

Data Breaches

240,000 Impacted by Data Breach at Eyecare Tech Firm Ocuco

Ransomware

Anubis Ransomware Packs a Wiper to Permanently Delete Files

Artificial Intelligence

Red Teaming AI: The Build Vs Buy Debate

Daily Briefing Newsletter