Ionut Arghire

Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises

Remote code execution and information disclosure vulnerabilities addressed in Apache Guacamole can be highly useful to threat actors targeting enterprises.

ICS-Targeting Snake Ransomware Isolates Infected Systems Before Encryption

ICS-targeting Snake/EKANS ransomware manipulates the firewall to isolate infected systems before initiating the file encryption process.

CISA Warns Enterprises of Risks Associated With Tor

In an alert published this week, CISA and the FBI warned enterprises about the use of Tor in cyberattacks.

Enterprises in Americas, Europe Targeted With Valak Information Stealer

The Valak information stealer is being distributed in ongoing campaigns aimed at enterprises in North America, South America, Europe and likely other regions.

Ransomware Operators Demand $14 Million From Power Company

The threat actor behind the Sodinokibi (REvil) ransomware is demanding a $14 million ransom from Brazilian-based electrical energy company Light S.A.

Chinese Hackers Target Uyghurs With Multiple Android Surveillance Tools

For seven years, a Chinese threat actor has targeted the Uyghur ethnic minority with several malware families, including newly identified Android surveillance tools.

Google Details Memory-Related Security Improvements in Android 11

Google this week shared details on how it is fighting memory bugs in Android 11, as well as on other security improvements that the upcoming platform version will deliver.

macOS Privacy Protections Bypass Disclosed After Apple Fails to Release Fix

Details on a macOS privacy protections bypass method were published this week, more than six months after Apple was informed of the issue, but failed to deliver a fix.

'GoldenSpy' Malware Uninstaller Delivered to Victims Following Public Exposure

Within days after a report detailing the GoldenSpy malware operation targeting organizations doing business in China, an uninstaller was pushed to affected systems to completely remove the infection.

Windows Codecs Library Vulnerabilities Allow Remote Code Execution

Microsoft publishes advisories to provide details on two remote code execution vulnerabilities addressed in the Windows Codecs Library.

e-Learning Platform OneClass Exposed Data on Students, Lecturers

An Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers.

Cyber-Espionage Group StrongPity Focuses on Kurdish Community

Recent attacks associated with the StrongPity threat actor appear to focus on the Kurdish community in Turkey and Syria.

Data Stolen From 945 Websites Emerges on Dark Web

SQL databases allegedly stolen from 945 websites have emerged on the Dark Web, potentially impacting tens of millions of people.

Threat Hunting Firm Hunters Raises $15 Million in Series A Round

Threat hunting solutions provider Hunters today announced that it closed a $15 million Series A funding round, which brings the total raised by the company to $20.4 million.

Russian Pleads Guilty for Role in Cybercrime Organization

A Russian national pleaded guilty last week for his role in an international cyber theft ring that caused losses of more than $568 million.

Magecart Hackers Target U.S. Cities Using Click2Gov

Magecart web skimmers were found on the websites of eight cities in the United States and one thing they have in common is that they all use the Click2Gov platform.

UCSF Pays Cybercriminals $1.14 Million to Recover Files After Ransomware Attack

University of California San Francisco (UCSF) revealed that it paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack earlier this month.

Tens of U.S. Businesses Targeted With WastedLocker Ransomware

At least 31 organizations in the United States have been targeted with the recently detailed WastedLocker ransomware.

Hybrid Malware 'Lucifer' Includes Cryptojacking, DDoS Capabilities

A recently identified piece of cryptojacking malware includes the necessary functionality to launch DDoS attacks.

Hackers Target Online Stores With Web Skimmer Hidden in Image Metadata

A group of cybercriminals managed to hide their web skimmer in the EXIF metadata of an image that was then surreptitiously loaded by compromised online stores.

NVIDIA Patches Code Execution Flaws in GPU Drivers

NVIDIA this week released patches for a dozen vulnerabilities in GPU display drivers and vGPU software, including multiple issues that could lead to code execution.

Siemens Acquires System-on-Chip Analytics Company UltraSoC

Siemens this week announced that it is acquiring UltraSoC Technologies, a provider of analytics and monitoring solutions for SoCs.

Developer of DDoS Botnets Based on Mirai Code Sentenced to Prison

A man who developed distributed denial of service (DDoS) botnets based on the source code of Mirai was sentenced to 13 months in federal prison.

'GoldenSpy' Malware Hidden In Chinese Tax Software

A newly identified piece of malware is being distributed embedded in tax payment software that some businesses operating in China are required to install.

Akamai Mitigates Record 809 MPPS DDoS Attack

Akamai has mitigated a second record-setting DDoS attack since the beginning of June, one that peaked at 809 MPPS.

SECURITYWEEK NETWORK:

Security Experts:

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek