Source: www.securityweek.com – Author: Ionut Arghire Cisco this week raised the alarm on a zero-day in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software...
Author:
New Phishing Campaign Launched via Google Looker Studio – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cybersecurity firm Check Point is warning of a new type of phishing attacks that abuse Google Looker Studio to bypass...
Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Endpoint security firm Emsisoft is urging its users to update their anti-malware and other security products and reboot their systems...
US Aeronautical Organization Hacked via Zoho, Fortinet Vulnerabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Advanced persistent threat (APT) actors have exploited known vulnerabilities in Zoho ManageEngine and Fortinet VPN products to hack an organization...
See Tickets Alerts 300,000 Customers After Another Web Skimmer Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Ticketing services agency See Tickets has notified more than 300,000 individuals that their payment card data was stolen in a...
CISA Releases Guidance on Adopting DDoS Mitigations – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The US Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help federal agencies adopt distributed denial-of-service (DDoS)...
Cisco Patches Critical Vulnerability in BroadWorks Platform – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cisco on Wednesday announced patches for a critical-severity vulnerability in the BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform....
Thousands of Popular Websites Leaking Secrets – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Code security firm Truffle Security warns that thousands of the domains in the Alexa top 1 million websites list are...
Password-Stealing Chrome Extension Demonstrates New Vulnerabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A group of academic researchers has built a proof-of-concept Chrome extension that can steal passwords from text input fields and...
Android Zero-Day Patched With September 2023 Security Updates – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google on Tuesday announced that Android’s September 2023 security updates contain patches for 32 vulnerabilities, including one that has been...
MITRE and CISA Release Open Source Tool for OT Attack Emulation – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The MITRE Corporation and the US Cybersecurity and Infrastructure Security Agency (CISA) today announced a new extension for the open...
7 Million Users Possibly Impacted by Freecycle Data Breach – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Freecycle.org, a platform that allows users to recycle their belongings, has prompted millions of users to reset their passwords after...
Developers Warned of Malicious PyPI, NPM, Ruby Packages Targeting Macs – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Threat actors have started uploading malicious packages to PyPI, NPM, and RubyGems repositories in a new campaign aimed at stealing...
Ransomware Attack on Fencing Systems Maker Zaun Impacts UK Military Data – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire British mesh fencing systems maker Zaun has disclosed a LockBit ransomware attack that potentially led to the compromise of data...
Free Decryptor Available for ‘Key Group’ Ransomware – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cyber intelligence firm EclecticIQ on Thursday announced the release of a free decryption tool to help victims of the Key...
Threat Actors Adopt, Modify Open Source ‘SapphireStealer’ Information Stealer – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Multiple threat actors have adopted ‘SapphireStealer’ after the information stealer’s source code was published on GitHub, Cisco’s Talos security researchers...
Sourcegraph Discloses Data Breach Following Access Token Leak – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Code search and navigation platform Sourcegraph on Thursday announced that it has experienced a data breach after an engineer accidentally...
Over $1 Million Offered at New Pwn2Own Automotive Hacking Contest – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Zero Day Initiative (ZDI) this week announced that it will be offering more than $1 million in cash and...
Vulnerability in WordPress Migration Plugin Exposes Websites to Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A vulnerability in several extensions for the All-in-One WP Migration plugin potentially exposes WordPress websites to attacks leading to sensitive...
Apple Preparing iPhone 14 Pro Phones for 2024 Security Research Device Program – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Apple on Wednesday announced that it is now accepting applications for the 2024 iPhone Security Research Device Program (SRDP). Intended...
Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Splunk on Wednesday announced patches for multiple high-severity vulnerabilities in Splunk Enterprise and IT Service Intelligence, including flaws in third-party...
500k Impacted by Data Breach at Fashion Retailer Forever 21 – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Fashion retailer Forever 21 has started informing more than 500,000 individuals that their personal information was compromised in a data...
Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Roughly 78% of the healthcare organizations in North America, South America, the APAC region, and Europe experienced a cyberattack over...
Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Threat actors have started exploiting four recently patched vulnerabilities in the J-Web component of Juniper Networks’ Junos OS after proof-of-concept...
GitHub Enterprise Server Gets New Security Capabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire GitHub on Tuesday announced the general availability of Enterprise Server 3.10 with new security capabilities, including support for custom deployment...
High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Mozilla and Google on Tuesday announced the release of stable updates for Firefox and Chrome to address several high-severity vulnerabilities,...
Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Chinese cyberespionage group exploiting Barracuda Email Security Gateway (ESG) appliances was preparing for remediation efforts, deploying persistent backdoors on...
Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Meal delivery service PurFoods says the personal and protected health information of more than 1.2 million individuals was stolen in...
10 Million Likely Impacted by Data Breach at French Unemployment Agency – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The personal information of roughly 10 million individuals was likely compromised in a data breach at French governmental unemployment agency...
3 Malware Loaders Detected in 80% of Attacks: Security Firm – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders among cybercriminals, accounting for 80% of the observed...