Ionut Arghire

Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities

Most of the top frequently exploited vulnerabilities in 2023 were initially exploited as zero-days, according to data from government agencies.

November 13, 2024

Ivanti Patches 50 Vulnerabilities Across Several Products

Ivanti has released fixes for dozens of vulnerabilities in Endpoint Manager, Avalanche, Connect Secure, Policy Secure, and Secure Access Client.

November 13, 2024

High-Severity Vulnerabilities Patched in Zoom, Chrome

Zoom Apps security updates resolve six vulnerabilities and Chrome 131 stable is rolling out with 12 security fixes.

November 13, 2024

Citrix, Fortinet Patch High-Severity Vulnerabilities

Citrix and Fortinet have released patches for multiple vulnerabilities, including high-severity bugs in NetScaler and FortiOS.

November 13, 2024

Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford

Cybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services.

November 12, 2024

SAP Patches High-Severity Vulnerability in Web Dispatcher

SAP has released eight new security notes on November 2024 patch day, including one addressing a high-severity vulnerability in Web Dispatcher.

November 12, 2024

Millions of Hot Topic Customers Impacted by Data Breach

Hot Topic has suffered a data breach impacting approximately 57 million unique email addresses and the personal information of roughly 25 million.

November 12, 2024

New iOS Security Feature Reboots Devices to Protect User Data: Reports

A new feature in the latest iOS release reportedly reboots locked devices that have not been unlocked for longer periods of time.

November 12, 2024

FBI Warns US Organizations of Fake Emergency Data Requests Made by Cybercriminals

The FBI is seeing an increase in threat actors using fake emergency data requests to harvest information from US companies.

November 11, 2024

Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People

Forth says the personal information of 1.5 million people was compromised in a May 2024 data breach.

November 11, 2024

Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands

Veeam has released a hotfix for a high-severity authentication bypass vulnerability in Backup Enterprise Manager.

November 11, 2024

Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw

D-Link warns of a critical-severity command injection vulnerability impacting multiple discontinued NAS models.

November 11, 2024

Malwarebytes Acquires VPN Provider AzireVPN

Malwarebytes has acquired Sweden-based privacy-focused VPN provider AzireVPN to expand its product offerings.

November 8, 2024

Unpatched Vulnerabilities Allow Hacking of Mazda Cars: ZDI

ZDI discloses vulnerabilities in the infotainment system of multiple Mazda car models that could lead to code execution.

November 8, 2024

Texas Oilfield Supplier Newpark Hit by Ransomware

Texas-based oilfield supplier Newpark Resources says a ransomware attack disrupted information systems and business applications.

November 8, 2024

HPE Patches Critical Vulnerabilities in Aruba Access Points

HPE this week warned of two critical vulnerabilities in Aruba Networking access points that could lead to unauthenticated command injection.

November 8, 2024

‘SteelFox’ Miner and Information Stealer Bundle Emerges

Impersonating legitimate software such as Foxit PDF Editor and AutoCAD, the SteelFox crimeware bundle steals user information.

November 7, 2024

Cisco Patches Critical Vulnerability in Industrial Networking Solution

A critical vulnerability in Cisco Unified Industrial Wireless software could allow remote, unauthenticated attackers to inject commands with root privileges.

November 7, 2024

Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles

Vehicle tracking services for Serco, DHL, and other fleets were disrupted after Microlise fell victim to a cyberattack.

November 7, 2024

Google Cloud Rolling Out Mandatory MFA for All Users

Starting this month, Google Cloud will be rolling out mandatory MFA for all users who sign in with a password.

November 6, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Citrix, Cisco, Fortinet Zero-Days Among 2023’s Most Exploited Vulnerabilities

Ivanti Patches 50 Vulnerabilities Across Several Products

High-Severity Vulnerabilities Patched in Zoom, Chrome

Citrix, Fortinet Patch High-Severity Vulnerabilities

Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford

SAP Patches High-Severity Vulnerability in Web Dispatcher

Millions of Hot Topic Customers Impacted by Data Breach

New iOS Security Feature Reboots Devices to Protect User Data: Reports

FBI Warns US Organizations of Fake Emergency Data Requests Made by Cybercriminals

Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People

Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands

Many Legacy D-Link NAS Devices Exposed to Remote Attacks via Critical Flaw

Malwarebytes Acquires VPN Provider AzireVPN

Unpatched Vulnerabilities Allow Hacking of Mazda Cars: ZDI

Texas Oilfield Supplier Newpark Hit by Ransomware

HPE Patches Critical Vulnerabilities in Aruba Access Points

‘SteelFox’ Miner and Information Stealer Bundle Emerges

Cisco Patches Critical Vulnerability in Industrial Networking Solution

Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles

Google Cloud Rolling Out Mandatory MFA for All Users

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter