Ionut Arghire

ProjectSend Vulnerability Exploited in the Wild

VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public exploits exist.

November 27, 2024

Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity

US senators introduce new legislation to protect health data and strengthen the cybersecurity of the country’s healthcare sector.

November 27, 2024

Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets

The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.

November 27, 2024

IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR

IBM has released patches for two high-severity remote code execution vulnerabilities in Data Virtualization Manager and Security SOAR.

November 26, 2024

Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways

CISA warns about attacks exploiting CVE-2023-28461, a critical vulnerability in Array Networks AG and vxAG secure access gateways.

November 26, 2024

New York Fines Geico and Travelers $11 Million Over Data Breaches

New York has announced $11 million settlements with Geico and Travelers over data breaches affecting 120,000 people.

November 26, 2024

Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites

Two vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin allowed attackers to execute arbitrary code remotely.

November 26, 2024

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks

A ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access.

November 25, 2024

Viso Trust Raises $7 Million for Third-Party Risk Management Platform

San Francisco-based third-party risk management provider Viso Trust has raised $7 million in venture funding.

November 25, 2024

North Korea Deploying Fake IT Workers in China, Russia, Other Countries

The North Korean fake IT workers have infiltrated businesses in China, Russia, and other countries aside from the US.

November 25, 2024

Microlise Confirms Data Breach as Ransomware Group Steps Forward

The SafePay ransomware group claims to have stolen over 1 terabyte of data from vehicle tracking solutions provider Microlise.

November 25, 2024

Cyberattack Disrupts Systems of Gambling Giant IGT

Gambling giant IGT says it has taken certain systems offline in response to a cyberattack discovered over the weekend.

November 22, 2024

US Takes Down Stolen Credit Card Marketplace PopeyeTools

The US government has announced the seizure of stolen credit card marketplace PopeyeTools and charges against its administrators.

November 22, 2024

Russian Cyberespionage Group Hit 60 Victims in Asia, Europe

Russia-linked TAG-110 has targeted over 60 government, human rights, and educational entities in Asia and Europe.

November 22, 2024

400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws

VulnCheck finds hundreds of thousands of internet-accessible hosts potentially vulnerable to 2023’s top frequently exploited flaws.

November 22, 2024

Prompt Security Raises $18 Million for Gen-AI Security Platform

Gen-AI security startup Prompt Security has raised $18 million in a Series A funding round led by Jump Capital.

November 22, 2024

MITRE Updates List of 25 Most Dangerous Software Vulnerabilities

MITRE has released an updated CWE Top 25 Most Dangerous Software Weaknesses list, with cross-site scripting (XSS) at the top.

November 21, 2024

Financial Software Firm Finastra Investigating Data Breach

Finastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application.

November 21, 2024

US Charges Five Alleged Scattered Spider Members

Five alleged members of the Scattered Spider cybercrime group were charged for phishing and stealing millions in cryptocurrency.

November 21, 2024

Risk Intelligence Startup RIIG Raises $3 Million

Risk intelligence and cybersecurity solutions provider RIIG has raised $3 million in a seed funding round led by Felton Group.

November 20, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

ProjectSend Vulnerability Exploited in the Wild

Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity

Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets

IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR

Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways

New York Fines Geico and Travelers $11 Million Over Data Breaches

Critical Vulnerabilities Found in Anti-Spam Plugin Used by 200,000 WordPress Sites

Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks

Viso Trust Raises $7 Million for Third-Party Risk Management Platform

North Korea Deploying Fake IT Workers in China, Russia, Other Countries

Microlise Confirms Data Breach as Ransomware Group Steps Forward

Cyberattack Disrupts Systems of Gambling Giant IGT

US Takes Down Stolen Credit Card Marketplace PopeyeTools

Russian Cyberespionage Group Hit 60 Victims in Asia, Europe

400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws

Prompt Security Raises $18 Million for Gen-AI Security Platform

MITRE Updates List of 25 Most Dangerous Software Vulnerabilities

Financial Software Firm Finastra Investigating Data Breach

US Charges Five Alleged Scattered Spider Members

Risk Intelligence Startup RIIG Raises $3 Million

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter