Ionut Arghire

NVIDIA Patches Code Execution Flaws in GeForce Experience

Patches released by NVIDIA last week for the GeForce Experience software address two code execution bugs assessed with a severity rating of high.

HPE Patches Two Critical, Remotely Exploitable Vulnerabilities

HPE has released patches for two critical vulnerabilities, one identified in StoreServ Management Console and the other affecting BlueData EPIC Software Platform and Ezmeral Container Platform.

Apple Notarizes Six New Variants of 'MacOffers' Adware

Apple has inadvertently given the thumbs up to six new malware variants, according to researchers at Mac security solutions provider Intego.

U.S. Treasury Sanctions Russian Institute Linked to Triton Malware

The US Department of the Treasury has announced sanctions against a Russian government institute connected to the destructive Triton malware.

Microsoft, MITRE Release Adversarial Machine Learning Threat Matrix

Microsoft and MITRE, in collaboration with a dozen other organizations, have developed a framework designed to help identify, respond to, and remediate attacks targeting machine learning (ML) systems.

Chrome 86 Starts Blocking Abusive Notification Permission Requests

Google has stepped up its effort against websites that have a history of sending abusive notification content, by blocking notification permission requests in Chrome 86.

Destructive Malware Spotted in Recent Attacks Launched by Iranian Cyberspies

The Iran-linked cyber-espionage group known as Seedworm appears to have added a new downloader to its arsenal and to have started conducting destructive attacks.

U.S. Says Russian Hackers Stole Data From Two Government Servers

The FBI and CISA say the Russian state-sponsored hacking group Energetic Bear has successfully compromised government networks and stole data from at least two servers.

XSS Vulnerability Exploited in Tech Support Scam

Malwarebytes security researchers have identified a new campaign in which tech support scammers are exploiting an XSS vulnerability and are relying exclusively on links posted on Facebook to reach potential victims.

Arctic Wolf Valued at $1.3 Billion After $200 Million Funding Round

Security operations company Arctic Wolf on Thursday announced the closing of a $200 million Series E funding round that values it at $1.3 billion.

QNAP Issues Advisory on Zerologon Vulnerability

Storage solutions provider QNAP this week published an advisory to warn customers that certain versions of QTS, the operating system for its NAS devices, are affected by the Zerologon vulnerability.

Oracle's October 2020 CPU Contains 402 New Security Patches

Oracle on Tuesday released its Critical Patch Update (CPU) for October 2020, which includes 402 new security patches released across the company’s product portfolio.

Microsoft Says Most TrickBot Servers Are Down

Most of the servers associated with the TrickBot botnet have been taken down following the technical and legal effort announced last week, Microsoft says.

IoT Security Foundation Launches Vulnerability Reporting Platform

The Internet of Things Security Foundation (IoTSF), an effort aimed at improving the security of IoT, has launched an online platform designed to make the reporting of vulnerabilities in IoT devices easier.

NSA Lists 25 Vulnerabilities Currently Targeted by Chinese State-Sponsored Hackers

The NSA this week released an advisory containing information on 25 vulnerabilities that are being actively exploited or targeted by Chinese state-sponsored threat actors.

New TrickBot Control Servers Unable to Respond to Bot Requests

Control servers included in the configuration file of new TrickBot samples fail to respond to bot requests.

Security Testing Company NSS Labs Ceases Operations

Austin, Texas-based security product testing company NSS Labs has announced that it ceased operations on October 15, 2020.

UK Says Russia Launched Cyberattacks Against 2020 Olympic, Paralympic Games

The UK says Russia launched cyberattacks against organizations involved in the now-postponed 2020 Olympic and Paralympic Games that were set to take place in Tokyo this summer.

Ryuk Ransomware Attacks Continue Following TrickBot Takedown Attempt

The threat actor behind the Ryuk ransomware continues to conduct attacks following the recent attempts to disrupt the TrickBot botnet.

Android, macOS Versions of GravityRAT Spyware Spotted in Ongoing Campaign

Kaspersky security researchers have identified versions of the GravityRAT spyware that are targeting Android and macOS devices.

CISA Warns of Remote Code Execution Bugs in Visual Studio, Windows Codecs Library

CISA informs users about the availability of patches for two remote code execution vulnerabilities that affect Windows Codecs Library and Visual Studio Code.

Google Says No Significant Election Influence Campaigns Targeting Its Users

Google says its Threat Analysis Group (TAG) hasn’t observed any significant coordinated influence campaigns that are targeting United States voters on its platform.

Dickey's Barbecue Pit Investigating Possible Breach Affecting 3M Payment Cards

Dickey’s Barbecue Pit has launched an investigation after learning that cybercriminals may have stolen 3 million payment cards used at its restaurants.

QQAAZZ Group Charged for Helping Banking Trojan Operators Launder Money

Law enforcement agencies in 16 countries worked together to dismantle a criminal network involved in the laundering of money from high-level cybercriminals.

Twitter Hack: 24 Hours From Phishing Employees to Hijacking Accounts

Hackers needed roughly 24 hours to take over high-profile Twitter accounts in the July attack, a report from the New York Department of Financial Services reveals.

SECURITYWEEK NETWORK:

Security Experts:

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek