Source: www.securityweek.com – Author: Ionut Arghire GitHub today announced the general availability of push protection, a feature designed to prevent developers from unknowingly exposing secrets in...
Author:
Data Protection Startup Optery Raises $2.7 Million in Seed Funding – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Data protection startup Optery this week announced raising $2.7 million in a seed funding round that brings the total raised...
Microsoft: Iranian APTs Exploiting Recent PaperCut Vulnerability – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Microsoft warned over the weekend that more threat actors have started targeting a recently patched vulnerability in PaperCut MF/NG print...
Google Releases Open Source Bazel Plugin for Container Image Security – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google last week announced the general availability of ‘rules_oci’, an open source Bazel plugin for building container images. Bazel improves...
Ransomware Group Claims Attack on Constellation Software – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Alphv/BlackCat ransomware group has claimed responsibility for a cyberattack that Canadian software company Constellation Software disclosed last week. Toronto-based...
Vulnerability in Field Builder Plugin Exposes Over 2M WordPress Sites to Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A cross-site scripting (XSS) vulnerability in the Advanced Custom Fields WordPress plugin could be exploited to inject malicious scripts into...
1 Million Impacted by Data Breach at NextGen Healthcare – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Healthcare solutions provider NextGen Healthcare has started informing roughly one million individuals that their personal information was compromised in a...
New Android Trojans Infected Many Devices in Asia via Google Play, Phishing – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Security researchers are warning that two new Android trojans have been observed targeting users in Southeast and East Asia. One...
Fortinet Patches High-Severity Vulnerabilities in FortiADC, FortiOS – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fortinet this week announced its monthly set of security updates that address nine vulnerabilities in multiple products, including two high-severity...
Azure API Management Vulnerabilities Allowed Unauthorized Access – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Three vulnerabilities in the Azure API Management service could be exploited to perform various types of malicious actions, cloud security...
Vulnerability Could Have Been Exploited for ‘Unlimited’ Free Credit on OpenAI Accounts – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A vulnerability in OpenAI’s account validation process allowed anyone to obtain virtually unlimited free credit for the company’s services by...
Fraud Detection Startup Moonsense Raises $4.2 Million in Seed Funding – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fraud detection startup Moonsense this week announced that it has raised $4.2 million in a seed funding round co-led by...
Meta Swiftly Neutralizes New ‘NodeStealer’ Malware – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Facebook parent company Meta says it disrupted a novel malware family within weeks after it emerged earlier this year. Dubbed...
Cisco Warns of Critical Vulnerability in EoL Phone Adapters – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cisco this week raised the alarm on a critical remote code execution (RCE) vulnerability impacting SPA112 2-Port phone adapters, which...
US Announces Takedown of Card-Checking Service, Charges Against Russian Operator – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Department of Justice this week announced the takedown of card-checking platform ‘Try2Check’ and charges against its Russian administrator....
Apple, Google Propose Standard to Combat Misuse of Location-Tracking Devices – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Apple and Google this week submitted a draft industry specification aimed at preventing unwanted location tracking. The initiative targets accessories...
Netgear Vulnerabilities Lead to Credentials Leak, Privilege Escalation – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Vulnerabilities in Netgear’s NMS300 ProSAFE network management system allow attackers to retrieve cleartext credentials and escalate privileges, cybersecurity firm Flashpoint...
Chrome 113 Released With 15 Security Patches – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google this week announced the release of Chrome 113 to the stable channel with 15 security fixes, including patches for...
Chinese APT Uses New ‘Stack Rumbling’ Technique to Disable Security Software – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A subgroup of the Chinese state-sponsored threat actor known as APT41 has been observed using a new denial-of-service (DoS) technique...
IT Services Firm Bitmarck Takes Systems Offline Following Cyberattack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire German IT services provider Bitmarck on Monday announced that it has shut down customer and internal systems following a cyberattack....
T-Mobile Says Personal Information Stolen in New Data Breach – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire US wireless carrier T-Mobile is informing some customers that their personal information was compromised in a recent data breach. After...
Critical Infrastructure Organizations Urged to Identify Risky Communications Equipment – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday issued an alert to urge critical infrastructure organizations to scope...
Exploitation of 5-Year-Old TBK DVR Vulnerability Spikes – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fortinet warns of a massive spike in exploitation attempts targeting a five-year-old authentication bypass vulnerability in TBK DVR devices. A...
New ‘Lobshot’ hVNC Malware Used by Russian Cybercriminals – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Russian cybercrime group TA505 has been observed using new hVNC (Hidden Virtual Network Computing) malware in recent attacks, threat intelligence...
CISA Asks for Public Opinion on Secure Software Attestation – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Cybersecurity and Infrastructure Security Agency (CISA) has announced that proposed guidance for secure software development is now open...
‘BouldSpy’ Android Malware Used in Iranian Government Surveillance Operations – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Mobile security firm Lookout has analyzed a piece of Android spyware used by the Iranian government to surveil minority groups...
Critical Vulnerability in Zyxel Firewalls Leads to Command Execution – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Taiwanese network equipment manufacturer Zyxel this week announced patches for a critical-severity vulnerability impacting its ATP, USG FLEX, VPN, and...
Aadya Raises $5 Million for SMB-Focused Security Platform – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cybersecurity firm Aadya Security this week announced that it has raised $5 million in Series A funding, which brings the...
Chinese Cyberspies Delivered Malware via Legitimate Software Updates – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A Chinese APT actor tracked as Evasive Panda has been observed targeting in-country members of an international non-governmental organization (NGO)...
Google Obtains Court Order to Disrupt CryptBot Distribution – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google this week announced that it has obtained a court order that helped it disrupt the CryptBot information stealer’s distribution....