Ionut Arghire

Security Experts:

WRITE FOR US

Contact Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Recent articles by Ionut Arghire

QNAP Investigating New Attacks Targeting NAS Devices

The company looks into a campaign targeting a Roon Server flaw and into eCh0raix ransomware attacks on devices with weak passwords.
CISA: Disconnect Internet for 3-5 Days to Evict SolarWinds Hackers From Network

The agency encourages critical infrastructure entities and governmental organizations to review and apply the guidance.
Application Security Startup ArmorCode Emerges From Stealth

The company provides enterprises with the necessary tools to streamline app security and improve developer productivity.
Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure

Initially disclosed in November 2020, the high severity vulnerability could be abused by authenticated, local attackers.
Insurer CNA Fully Restores Systems Following Ransomware Attack

The company says it has no evidence that potentially compromised data is being shared on the Dark Web.
Researchers Abuse Apple’s Find My Network for Data Upload

Researchers find and document a way to leverage Apple’s Find My's Offline Finding network to upload arbitrary data to the Internet.
Citrix Patches Vulnerability in Workspace App for Windows

Impacting all versions of the application, the flaw could allow a local attacker to escalate their privileges to System level.
Microsoft Warns of Attacks on Aerospace, Travel Sectors

The attackers use a new loader to deliver RevengeRAT or AsyncRAT and other tools for data harvesting and exfiltration.
Asset Discovery Provider Panaseer Raises $26.5 Million

Panaseer banks $26.5 million in Series B funding to build out a Continuous Controls Monitoring (CCM) platform to help organizations identify assets and manage security controls.
Apple Removed 95,000 Fraudulent Applications From App Store in 2020

Last year, the company encountered over 1 million problematic apps and stopped $1.5 billion in potentially fraudulent transactions.
Security Researchers Dive Into DarkSide Ransomware

At least five Russian speaking threat actors have been identified as affiliates with the DarkSide RaaS.
SAP Patches High-Severity Flaws in Business One, NetWeaver Products

The German software maker has released 6 new and 5 updated security notes on its May 2021 Security Patch Day.
DevOps Security Startup Cycode Raises $20 Million

Cycode, an Israeli startup focused on securing DevOps tools, has raised $20 million in Series A funding.
University of California Confirms Personal Information Stolen in Cyberattack

The data breach affects employees, retirees and beneficiaries, students, and other individuals who participated in UC programs.
Google Patches 19 Vulnerabilities With Chrome 90 Update

At least 13 of the bugs are considered high severity, but none of the flaws appears to have been exploited in the wild to date.
Google Releases Open Source Tool for Verifying Containers

In collaboration with the Sigstore project, Google ships an open-source tool called cosign to make signing and verifying container images easy.
Diplomatic Entities Targeted with New 'Moriya' Windows Rootkit

Researchers at Kaspersky warn that a new rootkit is being used as part of the ongoing 'TunnelSnake' campaign targeting entities in Asia and Africa since 2019.
Four Eastern Europeans Admit in U.S. Court to Providing Bulletproof Hosting

The four individuals provided bulletproof hosting services for seven years, facilitating cyberattacks and the distribution of malware.
City of Chicago Hit by Data Breach at Law Firm Jones Day

Employee emails sent and received over a period of two years were compromised in an incident involving the Accellion FTA file transfer service.
CISA Analyzes FiveHands Ransomware

The analysis report provides technical details on the FiveHands malware and recommendations on how organizations can mitigate ransomware attacks.
Android App Developers Required by Google to Share More Info on Data Handling

All applications in Google Play will be required to provide specific information on the data they collect and how it is stored and used.
Russian 'Evil Corp' Cybercriminals Possibly Evolved Into Cyberspies

Evidence suggests the SilverFish cyberspies and Wasted Locker/Hades ransomware operators are the same threat actor.
Cisco Patches Critical Flaws in SD-WAN, HyperFlex HX Products

An attacker could exploit these vulnerabilities to create administrative accounts, gain elevated privileges, or execute arbitrary commands as the root user.
DOD Expands Vulnerability Disclosure Program to Web-Facing Targets

The U.S. Department of Defense has put all public-facing websites and applications in scope for an expanded vulnerability disclosure program.
Red Hat Open-Sourcing StackRox Security Technology

The StackRox community upstream project will open source and manage Red Hat Advanced Cluster Security for Kubernetes code.

SECURITYWEEK NETWORK:

Security Experts:

Ionut Arghire

Recent articles by Ionut Arghire

Get the Daily Briefing

Popular Topics

Security Community

Stay Intouch

About SecurityWeek