Source: www.securityweek.com – Author: Ionut Arghire A recently observed malicious campaign has relied on typosquatting to trick users into downloading a malicious NPM package that would...
Author:
New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Server and computer hardware giant Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware....
Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Major Linux distributions such as Debian, Fedora, and Ubuntu are affected by a GNU C Library (glibc) vulnerability that could...
Google, Yahoo Boosting Email Spam Protections – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google and Yahoo on Tuesday announced a series of new requirements meant to improve email phishing and spam protections for...
US Executives Targeted in Phishing Attacks Exploiting Flaw in Indeed Job Platform – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A recent phishing campaign targeting executives in senior roles has been exploiting an open redirection vulnerability in the Indeed website,...
Dozens of Malicious NPM Packages Steal User, System Data – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fortinet’s security researchers have identified multiple malicious NPM packages containing obfuscated scripts designed to harvest a trove of information from...
Motel One Discloses Ransomware Attack Impacting Customer Data – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Budget hotel chain Motel One Group on Monday confirmed that some customer information and credit card data was stolen in...
Android’s October 2023 Security Updates Patch Two Exploited Vulnerabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google on Monday announced the release of patches for 51 vulnerabilities as part of the October 2023 security updates for...
European Telecommunications Standards Institute Discloses Data Breach – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The European Telecommunications Standards Institute (ETSI) has disclosed a data breach following a cyberattack on its member’s portal. Established in...
Johnson Controls Ransomware Attack Could Impact DHS – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at government contractor...
CISA Kicks Off Cybersecurity Awareness Month With New Program – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire To celebrate the 20th Cybersecurity Awareness Month, CISA has launched a new program, meant to promote four critical actions that...
Silverfort Open Sources Lateral Movement Detection Tool – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Identity protection provider Silverfort has announced the open source release of a lateral movement detection tool. Called LATMA (Lateral Movement...
Generative AI Startup Nexusflow Raises $10.6 Million – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire California startup Nexusflow on Thursday announced that it has raised $10.6 million in seed funding to work on technology to...
Researchers Extract Sounds From Still Images on Smartphone Cameras – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A group of academic researchers has devised a technique to extract sounds from still images captured using smartphone cameras with...
Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A high-severity remote code execution (RCE) vulnerability in Apache NiFi, for which an exploitation tool already exists, can lead to...
Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Gaps in Cloudflare’s security controls allow users to bypass customer-configured protection mechanisms and target other users from the platform itself,...
FBI Warns Organizations of Dual Ransomware, Wiper Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The FBI is warning organizations of new trends in ransomware attacks, where victims are targeted by multiple file-encrypting malware families...
Lumu Raises $30 Million for Threat Detection and Response Platform – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Lumu, a cybersecurity firm that helps organizations identify and isolate potential compromises, on Wednesday announced that it has raised $30...
Cisco Warns of IOS Software Zero-Day Exploitation Attempts – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cisco this week announced patches for multiple vulnerabilities impacting its products, including a medium-severity flaw in IOS and IOS XE...
Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Operation Zero, a Russian zero-day acquisition firm, announced this week that it is offering up to $20 million for full...
Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Misconfigured TeslaMate instances can leak tons of data on the internet, potentially exposing Tesla cars and their drivers to malicious...
Firefox 118 Patches High-Severity Vulnerabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Mozilla on Tuesday announced security updates for both Firefox and Thunderbird, addressing a total of nine vulnerabilities in its products,...
Stolen GitHub Credentials Used to Push Fake Dependabot Commits – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Threat actors have been observed pushing fake Dependabot contributions to hundreds of GitHub repositories in an effort to inject malicious...
Google Open Sources Binary File Comparison Tool BinDiff – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google has announced that BinDiff, a popular file comparison tool maintained by the company for more than a decade, is...
UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The advanced persistent threat (APT) actor Stealth Falcon has been observed deploying a new backdoor on the systems of a...
Xenomorph Android Banking Trojan Targeting Users in US, Canada – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Recently identified Xenomorph Android banking trojan samples show an expanded target list that now includes North American users, online fraud...
$200 Million in Cryptocurrency Stolen in Mixin Network Hack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Peer-to-peer digital asset transactional network Mixin Network has suspended deposits and withdrawals after hackers stole $200 million. The Hong Kong-based...
Stealthy APT Gelsemium Seen Targeting Southeast Asian Government – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A stealthy advanced persistent threat (APT) actor known as Gelsemium has been observed targeting a government entity in Southeast Asia...
Nigerian Pleads Guilty in US to Million-Dollar BEC Scheme Role – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A Nigerian national residing in South Africa last week pleaded guilty in court in the United States to his role...
City of Dallas Details Ransomware Attack Impact, Costs – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The City of Dallas has announced that an $8.5 million budget has been approved to support the restoration of its...