Ionut Arghire

Security Experts:

WRITE FOR US

Contact Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Recent articles by Ionut Arghire

Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data

Cornami, a company that helps companies secure data from post-quantum threats, raises $68 million in oversubscribed Series C funding.
National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques

Canada, the Netherlands, New Zealand, the US, and the UK warn that threat actors exploit weak cybersecurity practices for initial access.
NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver

Impacting the Windows and Linux versions of the driver, the high-severity vulnerabilities could be exploited to achieve code execution and escalation of privileges.
Large-Scale Attack Targeting Tatsu Builder WordPress Plugin

A remote code execution vulnerability in Tatsu Builder potentially exposes up to 50,000 websites to attacks.
US Accuses Venezuelan Doctor of Creating and Selling Ransomware

Moises Luis Zagala Gonzalez, a citizen of France and Venezuela, has been charged with building, using, and selling ransomware.
Researchers Devise New Type of Bluetooth LE Relay Attacks

Researchers at NCC Group create a tool for conducting a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections.
'Sysrv' Botnet Targeting Recent Spring Cloud Gateway Vulnerability

A new variant of the botnet attempts to exploit a critical vulnerability in Spring Cloud Gateway.
SonicWall Patches Unauthorized Access Vulnerability in SMA Appliances

A high-severity vulnerability resolved in SonicWall SMA1000 series appliances could lead to unauthorized access.
Iran-Linked OilRig APT Caught Using New Backdoor

New research find the Iran-linked hacking group OilRig using a new backdoor in an attack against a government official within Jordan’s foreign ministry.
devOcean Emerges From Stealth With Cloud-Native Security Operations Platform

Israeli startup devOcean launches from stealth with $6 million in funding from Glilot Capital Partners and angel investors.
'IceApple' Post-Exploitation Framework Created for Long-Running Operations

Using an in-memory-only framework designed for long-running, state-sponsored operations, IceApple appears to be the work of a Chinese threat actor.
Ukrainian Sentenced to US Prison for Selling Hacked Credentials

Glib Oleksandr Ivanov-Tolpintsev, 28, operated a botnet for decrypting stolen usernames and passwords, and sold the credentials on a dark web marketplace.
Organizations in Europe Targeted With New 'Nerbian' RAT

Packing various anti-analysis and anti-reversing capabilities, Nerbian RAT is being distributed via emails carrying COVID-19 and World Health Organization themes.
Application Security Firm StackHawk Bags $20.7 Million in Series B Funding

Application security startup StackHawk raises $20.7 million in a new investment round co-led by Sapphire Ventures and Costanoa Ventures.
Iranian Cyberspy Group Launching Ransomware Attacks Against US

The use of ransomware and the targeting of entities outside typical victimology suggest the Iranian APT Charming Kitten might switch to financially-motivated activities.
HP Patches UEFI Vulnerabilities Affecting Over 200 Computers

Two vulnerabilities in the UEFI firmware of more than 200 HP laptops and workstations could allow an attacker to gain elevated privileges and run code in the BIOS.
Intel Patches High-Severity Vulnerabilities in BIOS, Boot Guard

Impacting multiple processor models, the security issues could lead to privilege escalation or information disclosure.
Chrome 101 Update Patches High-Severity Vulnerabilities

The latest Chrome iteration resolves 13 vulnerabilities, including nine reported by external researchers.
Healthcare Technology Provider Omnicell Discloses Ransomware Attack

Omnicell noted in a Form 10-Q filing with the US SEC that the incident impacted internal systems and products and services.
SAP Patches Spring4Shell Vulnerability in More Products

The company has addressed the Spring4Shell bug (CVE-2022-22965) in six products, but hasn’t provided details on other potentially affected software.
Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks

Half of the attacks Kaspersky has observed since July 2021 happened between January and April 2022.
Microsoft Azure Vulnerability Allowed Code Execution, Data Theft

Found in the third-party ODBC data connector for Amazon Redshift, the security bug impacted Azure Data Factory and Azure Synapse Pipeline.
Email Security Firm Abnormal Security Raises $210 Million at $4 Billion Valuation

Email security platform Abnormal Security raised $210 million in a Series C funding round led by Insight Partners.
DarkCrystal RAT Offers Many Capabilities for Very Low Price

A lifetime license for this remote access trojan costs only $40, a fraction of the price of similar tools.
QNAP Patches Critical Vulnerability in Network Surveillance Products

Tracked as CVE-2022-27588, the vulnerability could allow a remote attacker to run arbitrary commands.

SECURITYWEEK NETWORK:

Security Experts:

Ionut Arghire

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek