Source: www.securityweek.com – Author: Ionut Arghire Ohio History Connection (OHC) has confirmed that personal information of thousands of individuals was stolen in a July ransomware attack...
Author:
North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The North Korea-linked advanced persistent threat (APT) actor Lazarus Group has been observed exploiting a Zoho ManageEngine vulnerability to compromise...
Cypago Raises $13 Million for GRC Automation Platform – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Israeli startup Cypago on Thursday announced that it has raised $13 million in a funding round led by Entrée Capital,...
Google Workspace Introduces New AI-Powered Security Controls – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google on Thursday introduced new AI-powered security controls for its Workspace customers, targeting zero trust, digital sovereignty, and threat defense....
University of Minnesota Confirms Data Breach, Says Ransomware Not Involved – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The University of Minnesota has confirmed that a threat actor has exfiltrated data from its systems, but says no malware...
Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cisco on Wednesday announced patches for six vulnerabilities in its products, including three high-severity bugs in NX-OS and FXOS software...
FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Federal Bureau of Investigation says that the patches released for a recent Barracuda Email Security Gateway (ESG) vulnerability were...
Digital Identity Protection Firm SpyCloud Raises $110 Million – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Account takeover and fraud prevention company SpyCloud on Wednesday announced that it has raised $110 million in a funding round...
Hosting Provider CloudNordic Loses All Customer Data in Ransomware Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Danish cloud hosting services provider CloudNordic has announced that all its systems were rendered unusable following a ransomware attack. The...
FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Federal Bureau of Investigation has published information on six cryptocurrency wallets operated by North Korean hackers and believed to...
3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire More than 3,000 Openfire servers have not been patched against a recent vulnerability and remain exposed to attacks relying on...
US Government Publishes Guidance on Migrating to Post-Quantum Cryptography – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Institute of Standards and Technology...
First Weekly Chrome Security Update Patches High-Severity Vulnerabilities – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Google this week announced a Chrome 116 security update that patches five memory safety vulnerabilities reported by external researchers, including...
TP-Link Smart Bulb Vulnerabilities Expose Households to Hacker Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Four vulnerabilities identified by academic researchers from Italy and the UK in the TP-Link Tapo L530E smart bulb and its...
US Military Targeted in Recent HiatusRAT Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A recent HiatusRAT campaign has been targeting a US military procurement system for reconnaissance, cybersecurity firm Lumen reports. Initially observed...
New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A newly discovered advanced persistent threat (APT) actor has been observed deploying the PlugX backdoor via a supply chain attack,...
Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Access management startup Cerby today announced that it has raised $17 million in a Series A funding round that brings...
Researchers Uncover Real Identity of CypherRAT and CraxsRAT Malware Developer – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cybersecurity company Cyfirma claims to have uncovered the real identity of the developer behind the CypherRAT and CraxsRAT remote access...
US Gov Warns of Foreign Intelligence Cyberattacks Against US Space Industry – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Air Force Office of Special Investigations (AFOSI), the Federal Bureau of Investigation (FBI), and the National Counterintelligence and Security...
Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Networking appliances maker Juniper Networks has announced patches for four vulnerabilities in the J-Web interface of Junos OS, which could...
Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Open source software development automation server Jenkins this week announced patches for high- and medium-severity vulnerabilities impacting multiple plugins. The...
Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A newly discovered financially motivated operation is relying on signature-based tools and stealthy cross-platform malware to remain undetected, and abuses...
Israel, US to Invest $4 Million in Critical Infrastructure Security Projects – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Government agencies in Israel and the US have announced plans to invest $3.85 million in projects meant to improve the...
Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The National Credit Union Administration (NCUA) is updating cyberattack reporting rules, requiring all federally insured credit unions to report incidents...
Malicious QR Codes Used in Phishing Attack Targeting US Energy Company – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire A widespread phishing campaign ongoing since May 2023 has been targeting organizations in various industries, including a major US energy...
Cisco Patches High-Severity Vulnerabilities in Enterprise Applications – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cisco on Wednesday announced security updates for several enterprise applications to patch high-severity vulnerabilities leading to privilege escalation, SQL injection,...
Thousands of Systems Turned Into Proxy Exit Nodes via Malware – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Threat actors are leveraging access to malware-infected Windows and macOS systems to deploy a proxy application, AT&T’s Alien Labs reports....
CISA Releases Cyber Defense Plan to Reduce RMM Software Risks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the release of a strategic plan to help critical infrastructure...
Ivanti Patches Critical Vulnerability in Avalanche Enterprise MDM Solution – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Ivanti has released patches for seven critical- and high-severity vulnerabilities in Avalanche, its enterprise mobile device management (MDM) solution. The...
Cleaning Products Giant Clorox Takes Systems Offline Following Cyberattack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Cleaning products manufacturer and marketer Clorox Company says it has taken certain systems offline in response to a cyberattack. “The...