Ionut Arghire

Critical Authentication Bypass Resolved in GitHub Enterprise Server

Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges.

May 22, 2024

Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

Ivanti has released product updates to resolve multiple vulnerabilities, including critical code execution flaws in Endpoint Manager.

May 22, 2024

Chrome 125 Update Patches High-Severity Vulnerabilities

Google released a Chrome 125 update to resolve four high-severity vulnerabilities reported by external researchers.

May 22, 2024

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.

May 21, 2024

OmniVision Says Personal Information Stolen in Ransomware Attack

Semiconductor giant OmniVision Technologies says personal information was stolen in a September 2023 ransomware attack.

May 21, 2024

CyberArk to Acquire Machine Identity Firm Venafi for $1.54 Billion

CyberArk agreed to acquire machine identity management Venafi from Thoma Bravo for $1.54 billion.

May 20, 2024

2.4 Million Impacted by WebTPA Data Breach

Health insurance firm WebTPA says the personal information of 2.4 million individuals was compromised in a data breach.

May 20, 2024

MediSecure Data Breach Impacts Patient and Healthcare Provider Information

MediSecure says data related to prescriptions distributed until November 2023 was compromised in a ransomware attack.

May 20, 2024

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw.

May 17, 2024

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data

The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.

May 17, 2024

Microsoft Quick Assist Tool Abused for Ransomware Delivery

The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment.

May 17, 2024

C/side Emerges From Stealth Mode With $1.7 Million Investment

C/side has emerged from stealth mode with $1.7 million in pre-seed funding from Scribble Ventures and angel investors

May 17, 2024

Alkira Raises $100 Million for Secure Network Infrastructure Platform

Network infrastructure as-a-service Alkira has raised $100 million in a Series C funding round led by Tiger Global Management.

May 16, 2024

Android 15 Brings Improved Fraud and Malware Protections

Google is boosting fraud and malware protections in Android 15 with live threat detection and expanded restricted settings.

May 16, 2024

Personal Information Stolen in City of Wichita Ransomware Attack

The City of Wichita says files containing personal information were exfiltrated in a recent ransomware attack.

May 16, 2024

Third Chrome Zero-Day Patched by Google Within One Week

Google releases Chrome 125 to the stable channel with patches for nine vulnerabilities, including a zero-day.

May 16, 2024

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers

Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.

May 15, 2024

400,000 Linux Servers Hit by Ebury Botnet

The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.

May 15, 2024

900k Impacted by Data Breach at Mississippi Healthcare Provider

Singing River Health System says the personal information of roughly 900,000 individuals was stolen in an August 2023 ransomware attack.

May 15, 2024

Unwanted Tracking Alerts Rolling Out to iOS, Android

Apple and Google have rolled out a new mobile feature that warns users of unwanted trackers moving with them.

May 15, 2024

SECURITYWEEK NETWORK:

ICS:

Ionut Arghire

Critical Authentication Bypass Resolved in GitHub Enterprise Server

Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

Chrome 125 Update Patches High-Severity Vulnerabilities

QNAP Rushes Patch for Code Execution Flaw in NAS Devices

OmniVision Says Personal Information Stolen in Ransomware Attack

CyberArk to Acquire Machine Identity Firm Venafi for $1.54 Billion

2.4 Million Impacted by WebTPA Data Breach

MediSecure Data Breach Impacts Patient and Healthcare Provider Information

CISA Warns of Exploited Vulnerabilities in EOL D-Link Products

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data

Microsoft Quick Assist Tool Abused for Ransomware Delivery

C/side Emerges From Stealth Mode With $1.7 Million Investment

Alkira Raises $100 Million for Secure Network Infrastructure Platform

Android 15 Brings Improved Fraud and Malware Protections

Personal Information Stolen in City of Wichita Ransomware Attack

Third Chrome Zero-Day Patched by Google Within One Week

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers

400,000 Linux Servers Hit by Ebury Botnet

900k Impacted by Data Breach at Mississippi Healthcare Provider

Unwanted Tracking Alerts Rolling Out to iOS, Android

Featured

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

ICS/OT

Cal Water Investigating Iranian Hackers’ Claims

Network Security

Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks

Ransomware

Ransomware Attack Shuts Down Mills of Australia’s Second-Largest Sugar Producer

Latest News

Identity & Access

Webinar Today: How Modern Breaches Bypass MFA and Evade Detection

Funding/M&A

1Password Acquires Apono in Reported $250M-$300M Deal

Artificial Intelligence

Tenet Security Emerges From Stealth With $6 Million Seed Funding

ICS/OT

Rockwell Automation Patches Vulnerabilities in ICS Controllers and Software

Malware & Threats

Microsoft Teams Relay Servers Abused in DragonForce Ransomware Attack

Vulnerabilities

Oracle’s Second Monthly Security Updates Deliver 245 Patches

Vulnerabilities

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Daily Briefing Newsletter