Ionut Arghire

Google Sees Drop in Government-Backed Phishing Attempts

Google says it has seen a drop in the number of warnings sent for potential government-backed phishing or malware attempts last year, mainly due to improved protection systems.

Senator Urges Vendors to Secure Networking Devices Amid COVID-19 Outbreak

U.S. Sen. Mark Warner has sent letters to six Internet networking device vendors urging them to ensure that their products remain secure during the COVID-19 social distancing efforts.

GitHub Paid Out Over $1 Million in Bug Bounties

GitHub this week announced that it has paid out over $1 million in rewards to the security researchers participating in its bug bounty program on HackerOne.

Websites of U.S. Presidential Candidates Pose Security, Privacy Risks

The majority of campaign websites of United States presidential candidates run code that can pose security and privacy risks to consumers.

Spyware Delivered to iPhone Users in Hong Kong Via iOS Exploits

A recently observed campaign is attempting to infect the iPhones of users in Hong Kong with an iOS backdoor that allows attackers to take control of devices.

Humio Raises $20 Million in Series B Funding

Log management platform Humio this week announced that it closed a $20 million Series B funding round, bringing the total investment raised to date to $32 million.

Apple Enables Full Third-Party Cookie Blocking in Safari

Apple this week announced that third-party cookies are now blocked by default in Safari on macOS, iOS and iPadOS.

Remote Code Execution Vulnerability Patched in OpenWrt

A vulnerability that OpenWrt addressed in its opkg fork could have been exploited for the remote execution of arbitrary code.

FBI Shuts Down Hacker Platform, Arrests Administrator

The FBI shut down a Russian-based online platform where various cybercrime products and services were being sold.

Apple Patches Code Execution Vulnerabilities Across Product Portfolio

Security patches released this week by Apple for many of its products address a variety of vulnerabilities, including multiple issues that could lead to arbitrary code execution on the affected devices.

Videolabs Patches Code Execution, DoS Vulnerabilities in libmicrodns Library

Vulnerabilities that Videolabs addressed recently in its libmicrodns library could lead to denial of service (DoS) and arbitrary code execution.

'WildPressure' Campaign Targets Industrial Sector in Middle East

A targeted and ongoing campaign first spotted last year has hit industrial organizations in the Middle East with a new Trojan.

WPvivid Backup Plugin Flaw Leads to WordPress Database Leak

A vulnerability addressed recently in the WPvivid Backup Plugin could be exploited to obtain all files of a WordPress website.

Authorities Warn of Escalating COVID-19-Themed Cyberattacks

Authorities in the United States and Europe have issued warnings of increased cyber-activity related to the ongoing COVID-19 (coronavirus) pandemic.

Abuse.ch Launches Free Malware Repository

A newly launched service from abuse.ch aims to make it easy for the community to share known malware samples and access additional intelligence on them.

Flaw in Password Managers Allowed Apps to Steal Credentials

One of the vulnerabilities that researchers from the University of York discovered in widely-used password managers could have resulted in malicious apps stealing users’ credentials.

University of Utah Health Discloses Data Breach

University of Utah Health revealed last week that it discovered unauthorized access to some employee email accounts, along with a malware infection on one of its workstations.

Mozilla to Remove Support for FTP in Firefox

Mozilla is getting ready to remove support for FTP in the Firefox browser due to security concerns.

Unprotected Database Exposed 5 Billion Previously Leaked Records

A database containing over 5 billion records of data leaked in previous data breaches was exposed by a UK-based cybersecurity company.

Russian Cyberspies Hacked High-Profile Email Accounts for Phishing

Russia-linked APT28 hijacked high-profile email accounts and used them for phishing attacks, Trend Micro reported.

Russia-Linked Cybercriminals Use Legitimate Tools in Attacks on German Firms

In a campaign targeting German companies, the infamous Russia-linked threat actor known as TA505 has been using legitimate tools in addition to malware.

Android Surveillance Campaign Leverages COVID-19 Crisis

Amid numerous malicious attacks leveraging the current COVID-19 coronavirus crisis, security researchers have discovered an Android surveillance campaign targeting users in Libya.

Google Patches High-Risk Chrome Flaws, Halts Upcoming Releases

Google this week rolled out an update to address multiple high-severity vulnerabilities in Chrome and also announced that it is pausing upcoming releases of the browser.

RDP-Capable TrickBot Targets Telecoms Sectors in U.S. and Hong Kong

A recently discovered TrickBot variant targeting telecommunications organizations in the United States and Hong Kong includes a module for RDP brute-forcing.

NIST, DHS Publish Guidance on Securing Virtual Meetings, VPNs

NIST and DHS published a series of recommendations on how to ensure that virtual meetings and connections to enterprise networks are protected from prying eyes.

SECURITYWEEK NETWORK:

Security Experts:

Recent articles by Ionut Arghire

Subscribe to the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek