Source: www.securityweek.com – Author: Ionut Arghire American Airlines and Southwest Airlines have started informing thousands of pilots that their personal information was compromised in a data...
Author:
Fortinet Patches Critical RCE Vulnerability in FortiNAC – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fortinet has released patches to address a critical vulnerability in its FortiNAC network access control solution. The zero trust access...
British Twitter Hacker Sentenced to Prison in US – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A British national has been sentenced to five years in prison in the US for his role in hacking schemes...
Remotely Exploitable DoS Vulnerabilities Patched in BIND – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Internet Systems Consortium (ISC) has released patches for three remotely exploitable denial-of-service (DoS) vulnerabilities in the DNS software suite...
NSA Issues Guidance on Mitigating BlackLotus Bootkit Infections – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The National Security Agency (NSA) has published technical mitigation guidance to help organizations harden systems against BlackLotus UEFI bootkit infections....
CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US government’s cybersecurity agency CISA on Thursday added another batch of security flaws to its Known Exploited Vulnerabilities (KEV)...
VMware Patches Code Execution Vulnerabilities in vCenter Server – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Virtualization giant VMware has published software updates to address multiple memory corruption vulnerabilities in vCenter Server that could lead to...
US Military Personnel Receiving Unsolicited, Suspicious Smartwatches – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The U.S. Army’s Criminal Investigation Division is urging military personnel to be on the lookout for unsolicited, suspicious smartwatches in...
China-Linked APT15 Targets Foreign Ministries With ‘Graphican’ Backdoor – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Anti-malware vendor Symantec is warning that a China-linked hacking group flagged as APT15 is targeting foreign affairs ministries in the...
North Korean Hackers Caught Using Malware With Microphone Wiretapping Capabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A hacking group linked to the North Korean government has been caught using new wiretapping malware in recent surveillance attacks,...
PoC Exploit Published for Cisco AnyConnect Secure Vulnerability – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A security researcher has published proof-of-concept (PoC) code targeting a recently patched high-severity vulnerability in the Cisco AnyConnect Secure Mobility...
Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’ – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited...
Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Web application security firm Defiant warns of critical-severity authentication bypass vulnerabilities in two WordPress plugins with tens of thousands of...
Kaspersky Dissects Spyware Used in iOS Zero-Click Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Russian anti-malware vendor Kaspersky has analyzed the spyware implant deployed as part of recent zero-click iMessage attack that targeted iOS-powered...
Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued advisories detailing two unpatched vulnerabilities in Enphase products. An...
DOJ Launches Cyber Unit to Prosecute Nation-State Threat Actors – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The United States Department of Justice (DOJ) has created a new litigating section to increase its ability to disrupt and...
Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Gen Digital (NASDAQ: GEN), the company behind known cybersecurity brands such as Avast, Avira, AVG, Norton, and LifeLock, has confirmed...
OT:Icefall: Vulnerabilities Identified in Wago Controllers – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Forescout Technologies has disclosed the details of three vulnerabilities impacting operational technology (OT) products from Wago and Schneider Electric. The...
New ‘RDStealer’ Malware Targets RDP Connections – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A state-sponsored espionage campaign is leveraging new custom malware to monitor incoming remote desktop protocol (RDP) connections and infect connecting...
Australian Government Says Its Data Was Stolen in Law Firm Ransomware Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Office of the Australian Information Commissioner (OAIC) says some of its files were stolen in a ransomware attack on...
New Information Stealer ‘Mystic Stealer’ Rising to Fame – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A new information stealer malware is quickly becoming popular among hackers on prominent underground forums, according to a warning from...
Western Digital Blocks Unpatched Devices From Cloud Services – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Western Digital has blocked access to its cloud services for devices running firmware versions impacted by a known and critical...
Ransomware Gang Takes Credit for February Reddit Hack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Alphv/BlackCat ransomware gang has taken credit for the February 2023 cyberattack against social media site Reddit, claiming to have...
MOVEit Customers Urged to Patch Third Critical Vulnerability – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Progress Software is urging MOVEit customers to apply patches to a third critical vulnerability in the file transfer software in...
Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware....
Russian Hackers Using USB-Spreading Malware in Attacks on Ukrainian Government, Military – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Russia-linked hacking group Gamaredon has been observed infecting USB drives for lateral movement within compromised Ukrainian networks, Symantec reports. Active...
CISA, NSA Share Guidance on Hardening Baseboard Management Controllers – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published new guidance to help organizations...
XSS Vulnerabilities in Azure Led to Unauthorized Access to User Sessions – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Two cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry (ACR) could have led to unauthorized access to...
SquareX Launches Bug Bounty Program for Browser Security Product – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Hot on the heels of a $6 million seed funding round, cybersecurity startup SquareX today announced a six-week bug bounty...
US Organizations Paid $91 Million to LockBit Ransomware Gang – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The LockBit ransomware gang has launched roughly 1,700 attacks in the United States and received approximately $91 million in ransom...