Ionut Arghire

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China

GreyNoise has observed millions of spoofed IPs flooding internet providers with web traffic primarily focusing on TCP connections.

September 20, 2024

Kubernetes Container Isolation Startup Edera Raises $5 Million

Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads.

September 20, 2024

Law Enforcement Dismantles Phishing Platform Used for Unlocking Stolen Phones

The iServer phishing-as-a-service platform was used by Spanish-speaking criminals to harvest credentials and unlock stolen and lost phones.

September 20, 2024

CISA Releases Cyber Defense Alignment Plan for Federal Agencies

CISA has laid out the FOCAL plan, which aligns the collective operational defense capabilities across federal agencies.

September 19, 2024

Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd

Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products.

September 19, 2024

Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate

Microsoft has observed the threat actor Vanilla Tempest targeting US healthcare organizations with INC ransomware.

September 19, 2024

GitLab Patches Critical Authentication Bypass Vulnerability

GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances.

September 19, 2024

Threat Actors Target Accounting Software Used by Construction Contractors

Malicious hackers are caught brute-forcing Foundation Accounting Software at scale, compromising organizations in the construction industry.

September 18, 2024

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities

CISA and the FBI have released an alert on XSS vulnerabilities, urging organizations to adopt a secure by design approach and eliminate them.

September 18, 2024

Chrome 129 Patches High-Severity Vulnerability in V8 Engine

Google has released Chrome 129 with patches for nine vulnerabilities, including a high-severity bug in the V8 engine.

September 18, 2024

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach

AT&T has agreed to pay $13 million in a settlement with the FCC over a 2023 data breach at a third-party vendor’s cloud environment.

September 18, 2024

C/side Raises $6 Million to Secure the Browser Supply Chain

C/side has raised $6 million in a seed-stage funding round to help organizations protect against malicious browser third-party scripts.

September 17, 2024

D-Link Patches Critical Router Vulnerabilities

D-Link has released patches for critical vulnerabilities that could allow attackers to execute arbitrary code and commands on routers.

September 17, 2024

Dependency Confusion Could Have Led to RCE in Google Cloud Platform

Tenable shares details on a dependency confusion attack that led to the execution of code on Google’s internal servers.

September 17, 2024

BlackCloak Raises $17 Million to Protect Executives, High-Profile Individuals

BlackCloak has raised $17 million in Series B funding to protect high-profile individuals from sophisticated cyberattacks.

September 17, 2024

DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

Chinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees.

September 17, 2024

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

The RansomHub ransomware gang has published 487 gigabytes of data allegedly stolen from Kawasaki Motors Europe’s systems.

September 16, 2024

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.

September 16, 2024

Data Stolen in Ransomware Attack That Hit Seattle Airport

The Port of Seattle, which operates the SEA Airport, has confirmed that the August outage was the result of a ransomware attack.

September 16, 2024

SolarWinds Patches Critical Vulnerability in Access Rights Manager

SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.

September 16, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China

Kubernetes Container Isolation Startup Edera Raises $5 Million

Law Enforcement Dismantles Phishing Platform Used for Unlocking Stolen Phones

CISA Releases Cyber Defense Alignment Plan for Federal Agencies

Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd

Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate

GitLab Patches Critical Authentication Bypass Vulnerability

Threat Actors Target Accounting Software Used by Construction Contractors

CISA, FBI Urge Organizations to Eliminate XSS Vulnerabilities

Chrome 129 Patches High-Severity Vulnerability in V8 Engine

AT&T to Pay $13 Million in Settlement Over 2023 Data Breach

C/side Raises $6 Million to Secure the Browser Supply Chain

D-Link Patches Critical Router Vulnerabilities

Dependency Confusion Could Have Led to RCE in Google Cloud Platform

BlackCloak Raises $17 Million to Protect Executives, High-Profile Individuals

DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

Data Stolen in Ransomware Attack That Hit Seattle Airport

SolarWinds Patches Critical Vulnerability in Access Rights Manager

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter