Ionut Arghire

D-Link Warns of RCE Vulnerability in Legacy Routers

Six discontinued D-Link router models are affected by a remote code execution (RCE) vulnerability that will not be patched.

November 20, 2024

GitHub Launches Fund to Improve Open Source Project Security

GitHub has launched a $1.25 million fund to be invested in improving the security of 125 open source projects.

November 20, 2024

Oracle Patches Exploited Agile PLM Zero-Day

Oracle has patched a high-severity information disclosure zero-day in Agile PLM that has been exploited in the wild.

November 20, 2024

Employee Data Compromised in Hacker Attack on Space Technology Firm Maxar

Satellite maker Maxar Space Systems has disclosed a data breach impacting the personal information of its employees.

November 19, 2024

Russian Phobos Ransomware Operator Extradited to US

Evgenii Ptitsyn was extradited from South Korea to the US to face charges for his alleged involvement in administering the Phobos ransomware.

November 19, 2024

Threat Actor Turns Thousands of IoT Devices Into Residential Proxies

A threat actor tracked as Water Barghest has compromised over 20,000 IoT devices and monetizes them as residential proxies.

November 19, 2024

Akira Ransomware Drops 30 Victims on Leak Site in One Day

Cyberint has observed the Akira ransomware group leaking in a single day the information allegedly stolen from 32 victims.

November 19, 2024

Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day

A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.

November 18, 2024

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

Great Plains Regional Medical Center says the personal information of 133,000 individuals was compromised in a ransomware attack.

November 18, 2024

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks

EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.

November 18, 2024

Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report

The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.

November 18, 2024

Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption

The Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.

November 15, 2024

Known Brand, Government Domains Hijacked via Sitting Ducks Attacks

Threat actors have hijacked over 70,000 domains, including known brands and government entities, because of failed domain ownership verification.

November 15, 2024

Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover

Over 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access.

November 15, 2024

LightSpy Spyware Operation Expands to Windows

The Chinese APT behind the LightSpy iOS backdoor has expanded its toolset with DeepData, a modular Windows-based surveillance framework.

November 15, 2024

Iranian Hackers Target Aerospace Industry in ‘Dream Job’ Campaign

Iran-linked Charming Kitten hackers have been running a ‘dream job’ campaign targeting the aerospace industry with the SnailResin malware.

November 14, 2024

Bitsight to Acquire Cybersixgill for $115 Million

Cyber risk management solutions provider Bitsight is acquiring threat intelligence firm Cybersixgill for $115 million.

November 14, 2024

CISA, FBI Confirm China Hacked Telecoms Providers for Spying

CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on specific targets.

November 14, 2024

Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion

Robert Purbeck was sentenced to 10 years in prison for stealing the personal information of over 132,000 people.

November 14, 2024

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them.

November 14, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

D-Link Warns of RCE Vulnerability in Legacy Routers

GitHub Launches Fund to Improve Open Source Project Security

Oracle Patches Exploited Agile PLM Zero-Day

Employee Data Compromised in Hacker Attack on Space Technology Firm Maxar

Russian Phobos Ransomware Operator Extradited to US

Threat Actor Turns Thousands of IoT Devices Into Residential Proxies

Akira Ransomware Drops 30 Victims on Leak Site in One Day

Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks

Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report

Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption

Known Brand, Government Domains Hijacked via Sitting Ducks Attacks

Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover

LightSpy Spyware Operation Expands to Windows

Iranian Hackers Target Aerospace Industry in ‘Dream Job’ Campaign

Bitsight to Acquire Cybersixgill for $115 Million

CISA, FBI Confirm China Hacked Telecoms Providers for Spying

Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter