Category: http://www.infosecurity-magazine.com/rss/news/76/application-security/

The incident involved an unauthorized third party gaining access to several systems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Western Digital Hit By Network Security Breach

Read more →

The ICO said TikTok failed to provide proper information on how data is collected, used and shared This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TikTok Fined £12.7m For Violating UK Data Privacy Laws

Read more →

Website takedowns driven by Russian hacktivists This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: HTTP/S DDoS Attacks Soar 487% in Three Years

Read more →

Six crypto wallets now under government control This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Authorities Seize $112m From “Pig Butchering” Scammers

Read more →

Kaspersky links campaign to Gopuram backdoor This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto Firms Are Likely Target for 3CX Attacks

Read more →

It will be a resource for DoD organizations, vendors and security researchers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US DoD Unveils Website For Hack the Pentagon Bug Bounty Program

Read more →

Erich Andersen, general counsel for TikTok, confirmed company will safeguard US user data from China This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TikTok to Comply With US Law, Protect User Data From China

Read more →

Latest Lookout report also suggested 46% of remote employees saved work files to personal devices This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Unapproved Apps Used By 32% of Remote Workers

Read more →

Pay TV firm accused of misleading investors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Dish Network Hit with Multiple Securities Class Action Lawsuits

Read more →

Nearly five million impacted by December 2022 incident This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Consumer Loans Firm TMX Reveals Major Data Breach

Read more →

Firm has billions of pounds worth of government contracts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Outsourcer Capita Claims to Have Contained “Cyber Incident”

Read more →

GPDP probe is due to allegations that ChatGPT failed to comply with data collection rules This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Italy’s Privacy Watchdog Blocks ChatGPT Amid Privacy Concerns

Read more →

Harvesting API keys and secrets from AWS SES, Microsoft Office 365 and other services This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Modular “AlienFox” Toolkit Used to Steal Cloud Service Credentials

Read more →

The cross-site scripting flaw affects SFX version 9.1.1436.9590 or earlier and has a CVSS of 8.2 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Azure Flaw “Super FabriXss” Enables Remote Code Execution Attacks

Read more →

ICO issues call after reprimanding NHS Highland This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Regulator: HIV Data Protection Must Improve

Read more →

Agency wants business leaders to get serious about cyber This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GCHQ Updates Security Guidance for Boards

Read more →

More than 100 sites created to lure European victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ukrainian Police Bust Multimillion-Dollar Phishing Gang

Read more →

Windows and Mac versions of the software were compromised to deliver infostealers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: North Korean Hackers Use Trojanized 3CX DesktopApp in Supply Chain Attacks

Read more →

95% of security leaders are also concerned about phishing attacks via private messaging apps This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Over 70% of Employees Keep Work Passwords on Personal Devices

Read more →

New medical devices applications should “monitor, identify, and address” cybersecurity issues This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FDA Protects Medical Devices Against Cyber-Threats With New Measures

Read more →

Scammers are increasingly trying to legitimize their efforts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Volume of HTTPS Phishing Sites Surges 56% Annually

Read more →

Agency says it has seized hundreds of assets in month-long operation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCA Celebrates Multimillion-Pound Fraud Takedowns

Read more →

SafeMoon claims exploited vulnerability was to blame This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Thieves Steal $9m from Crypto Liquidity Pool

Read more →

Spyware vendors facilitated the spread of malware by government-backed threat actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Warns Against Commercial Spyware Exploiting Zero-Days

Read more →

The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Clop Ransomware Group Exploits GoAnywhere MFT Flaw

Read more →

The new Salt Security report found that 80% of attacks happened over authenticated APIs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Attacks Targeting APIs Increased By 400% in Last Six Months

Read more →

The breach was caused by a bug in an open-source library This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ChatGPT Vulnerability May Have Exposed Users’ Payment Information

Read more →

New principles designed to disrupt and limit a rapidly growing market This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Tech Industry Bids to Tackle Cyber-Mercenary Epidemic

Read more →

Microsoft warns of “permissions gap” security threat This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Just 1% of Cloud Permissions Are Actively Used

Read more →

Mandiant says unit is focused on espionage and crypto theft This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Warn of Self-Funding North Korean Group APT43

Read more →

The malware campaign relying on this technique was observed abusing Tor Browser installers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Clipboard-Injector Attacks Target Cryptocurrency Users

Read more →

The vulnerability refers to a type confusion bug in the WebKit browser engine This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Apple Releases Security Patches For Older iPhone and iPad Models

Read more →

The move is expected to affect roughly 2.5 million government officials This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: France Bans TikTok, Other ‘Fun’ Apps From Government Devices

Read more →

Solomon Ekunke Okpe and others made over $1m from online fraud This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four Years Behind Bars for Prolific BEC Scammer

Read more →

Bugcrowd is concerned about a lack of protection for ethical hackers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Call for Submissions to UK’s New Computer Misuse Act

Read more →

White House says use of tools must be aligned with human rights This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Moves to Ban “Anti-Democratic” Spyware

Read more →

Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Fixes Security Flaw in Windows Screenshot Tools

Read more →

The new variants hint that considerable effort is going into the future of IcedID and its codebase This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Three Variants of IcedID Malware Discovered

Read more →

The malware can extract information from documents, browser cookies and login information This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New MacStealer Targets Catalina, Newer MacOS Versions

Read more →

Agency attempts to disrupt the cybercrime underground This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCA Harvests Info on DDoS-For-Hire With Fake Booter Sites

Read more →

FBI warns of scammers using Net-30 and Net-60 terms This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New BEC Tactics Enable Fake Asset Purchases

Read more →

Over 14 million records stolen from consumer lender This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Latitude Financial Admits Breach Impacted Millions

Read more →

Provides businesses with early warnings to evict threat actors before they can encrypt data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Unveils Ransomware Notification Initiative

Read more →

The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites

Read more →

The move reportedly did not stem from a compromise of GitHub systems or customer information This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GitHub Updates Security Protocol For Operations Over SSH

Read more →

Further blow for Chinese social media app This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Now UK Parliament Bans TikTok from its Network and Devices

Read more →

Monster 500MB attachment hides a nasty surprise This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IRS Phishing Emails Used to Distribute Emotet

Read more →

Business leaders still underestimate importance of security to growth This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fifth of Execs Admit Security Flaws Cost Them New Biz

Read more →

The deployment of custom credential theft malware is the main novelty of the new campaign This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers

Read more →

Cyber-criminals used the scam to steal the credentials for various email accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: SharePoint Phishing Scam Targets 1600 Across US, Europe

Read more →

The flaw derives from the way the Okta system records failed login attempts to instances This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Post-Exploitation Attack Method Found Affecting Okta Passwords

Read more →

Plans to boost cyber-resilience in the health service by 2030 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Government Sets Out Vision for NHS Cybersecurity

Read more →

Incident was linked to previously disclosed ransomware attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Irish Food Giant Dole Admits Employee Data Breach

Read more →

Software was unwittingly downloaded thousands of times This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts

Read more →

The forum’s admin said the move might be temporary and that they will set up a new Telegram group This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BreachForums Shuts Down After Admin’s Arrest

Read more →

Nexus offers overlay attacks and keylogging activities designed to steal victims’ credentials This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Android Banking Trojan ‘Nexus’ Promoted As MaaS

Read more →

Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA and NSA Enhance Security Framework With New IAM Guide

Read more →

Threat actors impersonated target company’s vendor This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Security Researchers Spot $36m BEC Attack

Read more →

Organizations are failing with their anti-phishing measures This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Just 1% of Dot-Org Domains Are Fully DMARC Protected

Read more →

ENISA claims most threats are opportunistic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Attacks Double in Europe’s Transport Sector

Read more →

The scam targeted more than 40 well-known brands from 13 countries in the MEA region This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa

Read more →

Administrative, agriculture and transportation firms targeted in Donetsk, Luhansk and Crimea This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone

Read more →

JFrog said this is the first instance of packages with malicious code in NuGet This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Use NuGet Packages to Target .NET Developers

Read more →

Company urges operators to patch now This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: General Bytes Bitcoin ATMs Hacked to Steal Funds

Read more →

Offerings are designed to improve security for millions of firms This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Launches Two New Tools for Small Businesses

Read more →

Carmaker says it didn’t pay its extorters This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ferrari Reveals Data Breach Ransom Attack

Read more →

Microsoft said it saw between 40 and 60 daily attacks in February This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps

Read more →

These included a number of government websites: 105 in Chile, 431 in Mexico and 265 in Peru This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims

Read more →

Conor Brian Fitzpatrick of Peekskill was apprehended last Wednesday following an FBI investigation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BreachForums Admin Arrested in New York

Read more →

Jumpsec report identified Karakurt, Lockbit and Vice Society among groups responsible This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Ransomware Incident Volumes Surge 17% in 2022

Read more →

Akamai warns of new Mirai-like botnet written in Go This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: “Hinata” Botnet Could Launch Massive DDoS Attacks

Read more →

Juniper Research says most of the pain will be felt in the US This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scam Robocalls Forecast to Cost $58bn This Year

Read more →

Most of these apps rely on clipper malware to steal the contents of the Android clipboard This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets

Read more →

SentinelOne shared details about the new campaign in an advisory published on Thursday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pro-Russian Winter Vivern APT Targets Governments and Telecom Firm

Read more →

Four of these vulnerabilities enabled potential attackers to perform remote code execution This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Exposes 18 Zero-Day Flaws in Samsung Exynos Chips

Read more →

Negligence could have caused “significant damage” This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ICO Reprimands Metropolitan Police for Data Snafu

Read more →

Organizations outside Ukraine could be targeted This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Military Preparing New Destructive Attacks: Microsoft

Read more →

Tens of thousands of mailboxes targeted This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Vishing Campaign Targets Social Security Administration

Read more →

The critical vulnerability allows remote code execution and was assigned a CVSS v3.1 score of 9.8 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Government IIS Server Breached via Telerik Software Flaw

Read more →

The operation seized four servers, 7TB of data and 1909.4 Bitcoins (roughly $47.3m) This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ChipMixer Crypto Laundromat Shut Down By German, US Authorities

Read more →

The Chancellor of the Duchy of Lancaster, Oliver Dowden, confirmed the plans earlier today This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Joins US, Canada, Others in Banning TikTok From Government Devices

Read more →

Tool won’t democratize cybercrime, agency argues This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Calms Fears Over ChatGPT Threat

Read more →

Business email compromise overtakes ransomware This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Volumes Double on Phishing Surge

Read more →

Cobalt Strike beacon loader migrates across criminal ecosystems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese SilkLoader Malware Sold to Russian Cyber-Criminals

Read more →

The hacker breached the DLP company’s internal update servers to deliver malware within its network This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Tick APT Group Hacked East Asian DLP Software Firm

Read more →

CPR discovered 2500 samples of the malware, impersonating 20 financial institutions in the region This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: “FakeCalls” Android Malware Targets Financial Firms in South Korea

Read more →

The research paper by HoxHunt analyzed 53,127 emails sent to users in over 100 countries This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Humans Still More Effective Than ChatGPT at Phishing

Read more →

NatWest warns of “life-changing” customer losses This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Bank Limits Crypto Payments to Smother Fraud

Read more →

Experts warn users to be on their guard This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Phishing Campaigns Use SVB Collapse to Harvest Crypto

Read more →

They include one likely exploited by Russian-linked threat actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Patches Two Zero Days This Month

Read more →

The threat actors mainly targeted organizations across Azerbaijan, Tajikistan and Kyrgyzstan This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: YoroTrooper Espionage Campaigns Target CIS, EU Countries

Read more →

The kit is written in NodeJS and has automated setup and detection evasion capabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: DEV-1101 Updates Open Source Phishing Kit

Read more →

The Agency will warn critical infrastructure entities to enable mitigation before an incident This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Creates New Ransomware Vulnerability Warning Program

Read more →

LockBit ransomware group stole data and encrypted files This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LA Housing Authority Suffers Year-Long Breach

Read more →

Euler Finance suffered “flash loan” attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Crypto Firm Loses $200m in Cyber-Attack

Read more →

National Protective Security Authority begins its work This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MI5 Launches New Agency to Tackle State-Backed Attacks

Read more →

The relationship between Europe and ASEAN countries is being exploited with social engineering lures This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Dark Pink APT Group Deploys KamiKakaBot Against South Asian Entities

Read more →

13 vulnerabilities were found in the E11 smart intercom devices by Chinese manufacturer Akuvox This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Remote Code Execution and Camera Access Flaws Found in Smart Intercoms

Read more →

Infostealers observed to be delivered via these videos included Vidar, RedLine and Raccoon This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Infostealers Spread Via AI-Generated YouTube Videos

Read more →

Agentless cloud security solutions were among the most talked-about topics during the Cloud & Cyber Security Expo, set in London on March 8-9, 2023 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Unlocking the Benefits and Trade-Offs…

Read more →