> TritonInfoSec News

# Archive

Browse past daily curated stories

Mar 15 Mar 14 Mar 13 Mar 12 Mar 11 Mar 10 Mar 09 Mar 08 Mar 07 Mar 06 Mar 05 Mar 04 Mar 03 Mar 02 Mar 01 Feb 28 Feb 27 Feb 26 Feb 25 Feb 24 Feb 23 Feb 21 Feb 20 Feb 18

Friday, March 13, 2026

  1. 1
    1
    The Hacker News general
    Veeam Patches 7 Critical Backup & Replication Flaws Allowing Remote Code Execution

    Veeam patched 7 critical vulnerabilities in Backup & Replication software, including CVE-2026-21666 with a 9.9 CVSS score that allows authenticated domain users to execute remote code on Backup Servers. Multiple other critical flaws also enable RCE attacks against the widely-used enterprise backup platform. These vulnerabilities pose significant risks to organizations relying on Veeam for data protection and backup operations.

  2. 2
    0
    Ars Technica Security general
    The who, what, and why of the attack that has shut down Stryker's Windows network"

    Medical device giant Stryker suffered a cyberattack that completely shut down its Windows network environment, with the company unable to provide a timeline for restoration. The attack affected Stryker's global operations and forced the company to send home over 5,000 workers at its Ireland facility. This demonstrates how targeted attacks on critical infrastructure can cause immediate operational disruption across multinational corporations.

  3. 3
    0
    The Record threat-intel
    US, Europol disrupt SocksEscort network that exploited thousands of residential routers

    US and European authorities disrupted the SocksEscort proxy network that compromised residential routers and IoT devices across 163 countries, affecting 369,000 victims and generating $5.8 million for cybercriminals. The network used AVRecon malware targeting Linux devices to provide anonymization services to threat actors. This takedown represents a significant blow to cybercriminal infrastructure used to mask attack origins.

  4. 4
    0
    CyberScoop general
    Stryker attack highlights nebulous nature of Iranian cyber activity amid joint U.S.-Israel conflict

    The Stryker cyberattack highlights increased Iranian cyber activity amid the ongoing U.S.-Israel conflict, with early analysis suggesting the attack was successful against the medical device manufacturer. Iranian APTs are demonstrating enhanced capabilities in targeting critical infrastructure during geopolitical tensions. Security teams need to prepare for escalated threat activity from state-sponsored groups during periods of international conflict.

  5. 5
    0
    Dark Reading general
    Iran MOIS Colludes With Criminals to Boost Cyberattacks

    Iran's Ministry of Intelligence (MOIS) is now directly collaborating with actual cybercriminal groups rather than just masquerading as them, representing a significant evolution in Iranian cyber operations. This partnership allows state actors to blend espionage activities with financially-motivated attacks, making attribution more difficult. The shift indicates Iran is leveraging criminal networks to expand operational capabilities and complicate threat intelligence efforts.

  6. 6
    0
    BleepingComputer general
    Canadian retail giant Loblaw notifies customers of data breach

    Canadian retail giant Loblaw disclosed a data breach that prompted the company to automatically log out all customers from their digital accounts as a precautionary measure. Account holders must re-authenticate to access the company's digital services following the security incident. The breach affects one of Canada's largest retail chains, potentially impacting millions of customer accounts.

  7. 7
    0
    Schneier on Security threat-intel
    iPhones and iPads Approved for NATO Classified Data

    Apple's iPhone and iPad became the first consumer devices certified for NATO classified data up to the restricted level without requiring special software modifications. This certification enables government and military personnel to use standard Apple devices for classified communications out-of-the-box. The approval represents a significant milestone for mobile device security in government environments.

  8. 8
    0
    BleepingComputer general
    England Hockey investigating ransomware data breach

    England Hockey is investigating a ransomware attack after the AiLock ransomware gang listed the organization on its data leak site. The breach affects the governing body for field hockey in England and demonstrates how ransomware groups continue targeting sports organizations. This incident highlights the vulnerability of smaller governing bodies that may lack robust cybersecurity defenses.

  9. 9
    0
    The Record threat-intel
    US sanctions North Korea IT worker networks in Laos, Vietnam

    The US sanctioned North Korean IT worker networks operating in Laos and Vietnam, targeting Amnokgang Technology Development Company and Quangvietdnbg International Services Company. These entities facilitate North Korean IT workers' operations and currency conversion services for sanctions evasion. The sanctions aim to disrupt North Korea's revenue generation through illicit IT work conducted overseas.

  10. 10
    0
    The Hacker News general
    Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

    The VENON banking malware targets 33 Brazilian banks using Rust programming language and credential-stealing overlays, marking a departure from typical Delphi-based Latin American malware families. The malware infects Windows systems and represents the evolution of regional banking trojans toward more sophisticated programming languages. This shift demonstrates how threat actors are modernizing their development practices to evade detection.