China-Linked APT15 Targets Foreign Ministries With ‘Graphican’ Backdoor
Anti-malware vendor Symantec is warning that a China-linked hacking group flagged as APT15 is targeting foreign affairs ministries in the Americas with a new backdoor…
Category: SecurityWeek
PoC Exploit Published for Cisco AnyConnect Secure Vulnerability
A security researcher has published proof-of-concept (PoC) code targeting a recently patched high-severity vulnerability in the Cisco AnyConnect Secure Mobility Client and Secure Client for…
The Benefits of Red Zone Threat Intelligence
Exploit trends help reveal the areas that cybercriminals are actively investigating for potential attacks and what they’re currently targeting. New intelligence allows CISOs to prioritize…
Bipartisan Bill Proposes Cybersecurity Funds for Rural Water Systems
A new bill proposes to increase cybersecurity funding for rural water systems by $7.5 million dollars per year. It’s not a lot of money for…
Apple Patches iOS Flaws Used in Kaspersky ‘Operation Triangulation’
Apple has rolled out a major security-themed iOS update to fix remote code execution vulnerabilities that have already been exploited in the wild. The patches…
CISOs’ New Stressors Brought on by Digitalization: Report
Whether cloud migration is a cause or effect of digitalization, it is nevertheless a major part of the journey currently being taken by business. Cloud…
Kaspersky Dissects Spyware Used in iOS Zero-Click Attacks
Russian anti-malware vendor Kaspersky has analyzed the spyware implant deployed as part of recent zero-click iMessage attack that targeted iOS-powered devices in its corporate network.…
Cooperation or Competition? China’s Security Industry Sees the US, Not AI, as the Bigger Threat
After years of breakneck growth, China’s security and surveillance industry is now focused on shoring up its vulnerabilities to the United States and other outside…
Critical WordPress Plugin Vulnerabilities Impact Thousands of Sites
Web application security firm Defiant warns of critical-severity authentication bypass vulnerabilities in two WordPress plugins with tens of thousands of installations. The first security defect,…
Enphase Ignores CISA Request to Fix Remotely Exploitable Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued advisories detailing two unpatched vulnerabilities in Enphase products. An American energy technology company, Enphase…
DOJ Launches Cyber Unit to Prosecute Nation-State Threat Actors
The United States Department of Justice (DOJ) has created a new litigating section to increase its ability to disrupt and prosecute nation-state threat actors and…
Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?
Like all major applications, Google’s Chrome suffers from vulnerabilities. During 2022, SecurityWeek reported on 456 vulnerabilities (averaging 38 per month), including nine zero-days. The high…