Category: http://www.infosecurity-magazine.com/rss/news/76/application-security/

Funds were taken in attack on Ronin Network This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Norway Seizes Millions in North Korean Crypto

Read more →

Criminal network comprises French and Israeli gangsters This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Police Bust $41m Email Scam Gang

Read more →

The threat actor initiated infection chains by targeting employees through WhatsApp messages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

Read more →

The document directly mentions APT27, APT30, APT31, Ke3chang, Gallium and Mustang Panda This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: EU Cybersecurity Agency Warns Against Chinese APTs

Read more →

One year after the invasion of Ukraine, Google and Mandiant analyzed the cyber strategy of Russia-backed threat actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Report Reveals Russia’s Elaborate Cyber Strategy in Ukraine

Read more →

The newest version of OxtaRAT is a polyglot file combining a compiled AutoIT script and an image This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict

Read more →

The UK National Cybersecurity Centre’s new guidance breaks down the essentials of a good supply chain mapping (SCM) list This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK NCSC Launches Recommendations on Supply Chain Mapping

Read more →

It’s OK Ltd made over 1.7 million nuisance calls This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Firm Fined £200K For “Exploitative” Call Campaign

Read more →

Attempt to trick network defenders into allow-listing remote access app This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Fake Emsisoft Certificate to Hide Attack

Read more →

Email snafu affects staff at Liverpool University Hospital Foundation Trust This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Data Leak Hits Thousands of NHS Workers

Read more →

Combined, the two groups have launched BEC campaigns in at least 13 different languages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Groups Target Firms With Multilingual Impersonation Attacks

Read more →

Core functions are intact, but the city has taken certain non-emergency systems offline This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: City of Oakland Declares State of Emergency After Ransomware Attack

Read more →

The phishing email warned users that there had been fraud on the account This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Leverage PayPal to Send Malicious Invoices

Read more →

Scammers made an estimated $30m in profits in 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Quarter of Crypto Tokens Linked to Pump-and-Dump

Read more →

The average malware variant now utilizes 11 TTPs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Warn of Surge in Multipurpose Malware

Read more →

Security and ethical concerns raised by surveillance commissioner This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Policing Riddled with Chinese CCTV Cameras

Read more →

It is an initiative designed to limit user data sharing in digital advertising This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Launches Privacy Sandbox Beta on Android 13 Devices

Read more →

It shows the threat actor trying to convince Royal Mail to pay the ransom using various techniques This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LockBit and Royal Mail Ransomware Negotiation Leaked

Read more →

The attacks mainly targeted victims in the US but also in the UK, Turkey, and the Philippines This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto-Stealing Campaign Deploys MortalKombat Ransomware

Read more →

Recorded Future analyzed how threat actors have been exploiting VMware ESXi vulnerabilities over the past three years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Analysis: VMware ESXi Attacks Soared in 2022

Read more →

Valentine’s Day outages hit airline and media companies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: SAS App and Website Hit as Attacks Target Swedish Firms

Read more →

February Patch Tuesday contains updates for over 70 CVEs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Patches Three Zero-Day Bugs This Month

Read more →

Indian threat group conducts hundreds of operations in a short time-span This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: SideWinder APT Attacks Regional Targets in New Campaign

Read more →

The infostealer Vidar has returned to the top 10 after an increase in ‘brandjacking’ attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lokibot, AgentTesla Grow in January 2023’s Most Wanted Malware List

Read more →

The group previously targeted government agencies and think tanks in Asia and Europe This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hackers Infiltrate South American Diplomatic Networks

Read more →

Experts say the delay in notifying customers left data potentially open to compromise This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Breach Pepsi Bottling Ventures’ Network

Read more →

Group laundered funds via 100 bank accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Spanish Police Bust €5m Phishing Gang

Read more →

Attack reached 71 million requests-per-second This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloudflare Stops Largest HTTP DDoS Attack on Record

Read more →

Sanctioned mixer Blender is actually Sinbad, says Elliptic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Resurrected Crypto-mixer Launders $100m in North Korean Funds

Read more →

Victim losses associated with online romance scams nationwide totaled approximately $5.9bn in 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cybersecurity Experts Warn Against Valentine’s Day Romance Scams

Read more →

The threat actors used phishing to deliver malicious files created with the Royal Road Weaponizer This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Group-IB Blocks Attack By Chinese Tonto Team Hackers

Read more →

Cybersecurity experts believe senior leadership teams underestimate cyber-threats This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

Read more →

Latest npm and PyPI finds should be kept out of build environments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Uncover 700+ Malicious Open Source Packages

Read more →

Money transfer firm failed to crack down on scam agents This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MoneyGram Fraud Victims Get $115m in Compensation

Read more →

Domain registrar blames upstream provider This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Namecheap Customers Flooded with Phishing Emails

Read more →

The SNP MP revealed details of the incident, in which he clicked on a malicious file purportedly about the military situation in Ukraine This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Politician’s Email Hacked by Suspected…

Read more →

Reddit said there was “no indication” of a breach of the company’s primary production systems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Reddit Hit By Phishing Attack, Source Code Stolen

Read more →

The latest iteration of the document is now analyzing activity by the Maui and H0lyGh0st groups This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Warns Critical Sectors Against North Korean Ransomware Attacks

Read more →

Reversing Labs said aabquerys was able to download second- and third-stage malware payloads This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Malicious Npm Package Uses Typosquatting, Downloads Malware

Read more →

Some industrial systems have been exposed for three years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fifth of ICS Bugs Have No Patch Available

Read more →

Avast also warns of increase in tech support fraud This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Refund and Invoice Scams Surge in Q4

Read more →

Threat actor has been dubbed TA866 by Proofpoint This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Threat Group Reviews Screenshots Before Striking

Read more →

Open source enterprise software users presented tools to automate SBOMs during the State of Open Con 23 conference in London This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #SOOCon23: Open Source Tools can Automate SBOM Requirements

Read more →

The seven Russian nationals are members of the notorious Trickbot malware gang This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US and UK Sanction Seven Russian Cyber-Criminals

Read more →

Closure of Hydra has major impact on underground sales This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Dark Web Market Revenues Sink 50% in 2022

Read more →

UK company set up to illegally profit from trade in protective equipment This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Trio Arrested in COVID PPE Fraud Probe

Read more →

Ukraine braced for more critical infrastructure attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Info-Stealer Discovered as Russia Prepares Fresh Offensive

Read more →

The SNP MP revealed details of the incident, in which he clicked on a malicious file purportedly about the military situation in Ukraine This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Politician’s Email Hacked by Suspected…

Read more →

A UK government official asks the cyber industry, including the open software community, to help shape software security policies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #SOOCon23: UK Government Urges Industry Input on Software Security Policy

Read more →

Open rates for emails hit 28% This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Attacks Surge 81% in 2022

Read more →

A panel of policy experts discuss how to improve global cooperation around open source software security This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #SOOCon23: Global Cooperation Needed to Enhance Open Source Software Security

Read more →

Legacy bug in ESXi servers is being targeted by threat actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Releases Recovery Tool for VMware Ransomware Victims

Read more →

Replika accused of posing risk to children This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Regulator Halts AI Chatbot Over GDPR Concerns

Read more →

With $10m in seed funding, Guardz looks to tackle cyber insurance for small businesses This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber Insurance, A Must-Have for Small Businesses

Read more →

The engineering firm has started an investigation “to identify the extent of the issue” This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Metal Engineering Firm Vesuvius Hit by Cyber-Attack

Read more →

Dutch and German police team up to take down Exclu This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Drugs Labs Busted After Encrypted Chat App Takedown

Read more →

NCSC contest sees thousands of schoolgirls enter This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Thirteen Teams Win at UK’s CyberFirst Girls Competition

Read more →

Which? study finds many fail to provide basic online protection This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Banks Still Failing on Digital Security – Report

Read more →

Scripts could interact with the device’s UI and enter text, simulate touch events, etc. This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Novel Banking Trojan ‘PixPirate’ Targets Brazil

Read more →

Microsoft’s Digital Threat Analysis Center shared the findings last Friday in a blog post This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Iranian Threat Actor Neptunium Associated With Charlie Hebdo Cyber-Attacks

Read more →

The Tallahassee Memorial HealthCare hospital is following protocols for system downtime This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Major Florida Hospital Shuts Down Networks, Ransomware Attack Suspected

Read more →

New York attorney general says software facilitates domestic abuse This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Stalkerware Developer Hit with $400K Fine

Read more →

Vendor’s ESXi hypervisors are being targeted This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Legacy VMware Bug Exploited in Global Ransomware Campaign

Read more →

Crypto has a market cap of close to $11m This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scam Alert for Dingo Token That Charges 99% Fee

Read more →

They created pages with malicious links and ultimately conducted credential-harvesting attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actors Use ClickFunnels to Bypass Security Services

Read more →

Affected data includes names, contact details, vehicle details and ID documents, among others This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Arnold Clark Confirms Customer Data Compromised in Breach

Read more →

The new campaign highlighted several “noteworthy developments” in TTPs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Attack Identified After Operational Security Fail

Read more →

WiCyS is calling for workshop participants to inform its State of Inclusion of Women in Cybersecurity report This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Women in CyberSecurity Calls for Participants for New Measuring Inclusion Workshops

Read more →

North Korean hackers were a major cause This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Record $3.8bn Stolen Via Crypto in 2022

Read more →

The new loaders also leverage obfuscated virtualization techniques to avoid detection This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MalVirt Loaders Exploit .NET Virtualization to Deliver Malvertising Attacks

Read more →

The Jira versions affected by the vulnerability are 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1 and 5.5.0 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Atlassian Patches Critical Authentication Flaw in Jira Software

Read more →

The malware had additional exfiltration techniques compared to previously studied variants This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Credential-Stealing Campaign By APT34 Targets Middle East Firms

Read more →

New rules are designed to reduce regulatory burden This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ICO Relaxes Breach Reporting for Comms Providers

Read more →

Individual accused of draining funds from trading platform Mango Markets This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Man Charged in $110m Crypto Trading Scheme

Read more →

Similar number expect surge in cyber-attacks this year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Quarter of CFOs Have Suffered $1m+ Breaches

Read more →

A BlackBerry survey reveals 51% of security leaders expect ChatGPT to be at the heart of a successful cyber-attack within a year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IT Leaders Reveal Cyber Fears Around ChatGPT

Read more →

They created pages with malicious links and ultimately conducted credential-harvesting attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actors Use ClickFunnels to Bypass Security Services

Read more →

Affected data includes names, contact details, vehicle details and ID documents, among others This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Arnold Clark Confirms Customer Data Compromised in Breach

Read more →

The new campaign highlighted several “noteworthy developments” in TTPs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Attack Identified After Operational Security Fail

Read more →

WiCyS is calling for workshop participants to inform its State of Inclusion of Women in Cybersecurity report This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Women in CyberSecurity Calls for Participants for New Measuring Inclusion Workshops

Read more →

North Korean hackers were a major cause This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Record $3.8bn Stolen Via Crypto in 2022

Read more →

Sophos found two fraudulent crypto trading apps This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Warn of Crypto Scam Apps on Apple App Store

Read more →

Critical trading software firm Ion is compromised This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: City of London on High Alert After Ransomware Attack

Read more →

The district’s superintendent Elizabeth Hallett announced the decision in an email to parents This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Attack Forces Closure of Nantucket Schools

Read more →

The company uses a combination of T-Mobile and US Cellular for network connectivity This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Fi Confirms Data Breach, Hints At Link to T-Mobile Hack

Read more →

But only 15% of these vulnerabilities with available fixes are in packages loaded at runtime This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Claim High-Risk Vulnerabilities Found in 87% of All Container Images

Read more →

The latest supply chain security report from SecurityScorecard and the Cyentia Institute shows worrying findings This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Almost all Organizations are Working with Recently Breached Vendors

Read more →

Firebrick Ostrich has impersonated over 150 organizations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Group Uses Open Source Tactics in Hundreds of Attacks

Read more →

Exam cheats, course leaks and fake certs offer career shortcuts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Thriving Dark Web Trade in Fake Security Certifications

Read more →

Vulnerability could be exploited by ransomware groups This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Nearly 30,000 QNAP Devices Exposed Via New Bug

Read more →

Revoking these certificates will invalidate some versions of GitHub Desktop for Mac and Atom This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GitHub Confirms Signing Certificates Stolen in Cyber-Attack, Revokes Them

Read more →

Victims were redirected to a fake landing page to exfiltrate their Proofpoint credentials This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000

Read more →

API attacks, bad bots and DDoS attacks were the industry’s main security challenges This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Financial Services Targeted in 28% of UK Cyber-Attacks Last Year

Read more →

Retaliatory Russian attacks latest response to geopolitical moves This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Killnet Attackers DDoS US and Dutch Hospitals

Read more →

Claims submitted for medical equipment not needed by patients This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Two US Doctors Convicted of $30m Medicare Fraud

Read more →

Vulnerability affects QTS and QuTS Hero firmware This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: QNAP: Patch Critical Remote Code Injection Bug

Read more →

The cyber-attack hit the company between November 2018 and October 2020 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: JD Sports Confirms Breach Affected 10 Million Customers

Read more →

Threat actors used TrickGate to conduct between 40 and 650 attacks per week in the last two years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware

Read more →

The data comes from 155 dark web forums analyzed between January 2020 and June 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Devs on Dark Web Forums Paid Up to $20,000 For Illicit Activities

Read more →

Over 20 million users install apps from Google Play This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fake Money Apps Garner Millions of Android Downloads

Read more →