Category: www.infosecurity-magazine.com

Citrix customers are urged to patch their vulnerable NetScaler appliances, but “patching alone won’t cut it,” experts said This article has been indexed from www.infosecurity-magazine.com Read the original article: Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation

Read more →

EU security agency ENISA is being handed €36m to operate the EU Cybersecurity Reserve This article has been indexed from www.infosecurity-magazine.com Read the original article: ENISA to Coordinate €36m EU-Wide Incident Response Scheme

Read more →

Google is warning of a new credential theft campaign targeting Salesforce customers via Salesloft Drift This article has been indexed from www.infosecurity-magazine.com Read the original article: New Data Theft Campaign Targets Salesforce via Salesloft App

Read more →

Abnormal AI said the campaign, which lures victims into downloading legitimate RMM software, marks a major evolution in phishing tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over…

Read more →

A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android Trojan Variant Expands with Ransomware Tactics

Read more →

A global phishing campaign has been identified using personalized emails and fake websites to deliver malware via UpCrypter This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools

Read more →

All previously scheduled mobility trips across Maryland for this week will be honored, said the state’s transportation administration This article has been indexed from www.infosecurity-magazine.com Read the original article: US: Maryland Confirms Cyber Incident Affecting State Transport Systems

Read more →

A new CIISec poll finds the majority of industry professionals would prefer more rigorous cybersecurity laws This article has been indexed from www.infosecurity-magazine.com Read the original article: CIISec: Most Security Professionals Want Stricter Regulations

Read more →

Data I/O has revealed operational disruption following a ransomware breach that forced it to take some systems offline This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Manufacturer Data I/O Hit by Ransomware

Read more →

A variant of the Atomic macOS Stealer (AMOS) targets macOS users via fake support sites in malvertising campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake macOS Help Sites Seek to Spread Infostealer in Targeted Campaign

Read more →

A Chinese developer has been sentenced to four years in prison after being found to deploy malicious code in his employer’s network, including a “kill switch” This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Developer Jailed…

Read more →

The US Cybersecurity and Infrastructure Security Agency is planning to launch an update to a 2021 guideline for SBOM requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Seeks Biden Era’s SBOM Minimum Requirements Guideline Change

Read more →

Operation Serengeti 2.0 operators helped recover $97.4m stolen by cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol-Led African Cybercrime Crackdown Leads to 1209 Arrests

Read more →

Darktrace observed a coordinated campaign on customer SaaS accounts, all of which involved logins from IP addresses linked to VPS providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Abuse Virtual Private Servers to Compromise SaaS…

Read more →

All Apple users are encouraged to update their iPhones, iPads and macOS devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Releases Patch for Likely Exploited Zero-Day Vulnerability

Read more →

Microsoft has set out a roadmap to complete transition to PQC in all its products and services by 2033, with roll out beginning by 2029 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft to Make All…

Read more →

Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Espionage Group Static Tundra Targets…

Read more →

Colt customers can request a list of filenames posted on the dark web via a dedicated call center This article has been indexed from www.infosecurity-magazine.com Read the original article: Colt Admits Customer Data Likely Stolen in Cyber-Attack

Read more →

A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire Botnet This article has been indexed from www.infosecurity-magazine.com Read the original article: Oregon Man Charged in Rapper Bot DDoS-for-Hire Case

Read more →

Noah Urban, linked with the Scattered Spider cybercriminal gang, will also pay $13m in restitution to victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminal Linked to Notorious Scattered Spider Gang Gets 10-Year Sentence

Read more →

Orange Belgium revealed that a threat actor has compromised 850,000 customer accounts, with SIM card numbers among the data accessed This article has been indexed from www.infosecurity-magazine.com Read the original article: Orange Data Breach Raises SIM-Swapping Attack Fears

Read more →

NIST has released new guidelines examining the pros and cons of detection methods for face morphing software This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Unveils Guidelines to Help Spot Face Morphing Attempts

Read more →

Guardio reveals a new AI take on ClickFix dubbed “PromptFix” This article has been indexed from www.infosecurity-magazine.com Read the original article: “PromptFix” Attacks Could Supercharge Agentic AI Threats

Read more →

With Beacon Network, TRM Labs has brought together law enforcement and some of the largest crypto exchanges to fight against crypto crimes This article has been indexed from www.infosecurity-magazine.com Read the original article: TRM Launches Industry-Wide Platform to Fight Crypto…

Read more →

A new report has mapped the tactical evolution of mule operators in the META region from VPNs to advanced fraud networks This article has been indexed from www.infosecurity-magazine.com Read the original article: Mule Operators in META Adopt Advanced Fraud Schemes

Read more →

Researchers discovered two new phishing techniques where attackers split malicious QR codes or embed them into legitimate ones This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Weaponize QR Codes in New ‘Quishing’ Attacks

Read more →

Trend Micro highlighted a sophisticated post-compromise attack chain to deploy the Warlock ransomware in unpatched SharePoint on-prem environments This article has been indexed from www.infosecurity-magazine.com Read the original article: Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit

Read more →

The Better Business Bureau is urging business owners and influencers not to fall for a new type of podcast scam This article has been indexed from www.infosecurity-magazine.com Read the original article: Executives Warned About Celebrity Podcast Scams

Read more →

US director of national intelligence, Tulsi Gabbard, stated that her government persuaded the UK to withdraw its controversial demand This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Retreats on Apple Encryption Backdoor Demand Following US Pressure

Read more →

Microsoft has issued an emergency patch to fix Windows recovery problems for some users This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Issues Out-of-Band Update to Fix Recovery Issues

Read more →

ISACA has launched the new AAISM certification to equip security leaders with AI risk management expertise This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA Launches AI-Centric Security Management Certification

Read more →

A critical flaw in SAP NetWeaver AS Java is being widely exploited, allowing unauthenticated remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Public Exploit Released for Critical SAP NetWeaver Flaw

Read more →

A cyber-attack on Allianz Life, linked to the ShinyHunters group, has exposed the personal information of 1.1 million customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Allianz Life Data Breach Exposes Personal Data of 1.1 Million…

Read more →

The Canadian Investment Regulatory Organization (CIRO) said it will work to identify the personal information breached and notify those affected This article has been indexed from www.infosecurity-magazine.com Read the original article: Canadian Financial Regulator Hacked, Exposing Personal Data from Member…

Read more →

Red Canary observed the novel tactic in a cluster of activity targeting a legacy vulnerability to access cloud-based Linux systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Attacker “Patches” Vulnerability Post Exploitation to Lock Out Competition

Read more →

Researchers detected that FreeVPN.One, a longstanding Chrome Web Store VPN extension, recently turned into spyware This article has been indexed from www.infosecurity-magazine.com Read the original article: Legitimate Chrome VPN Extension Turns to Browser Spyware

Read more →

South Yorkshire Police have been reprimanded by the ICO after deleting 96,000 pieces of evidence from officers’ bodycams This article has been indexed from www.infosecurity-magazine.com Read the original article: South Yorkshire Police Deletes 96,000 Pieces of Digital Evidence

Read more →

Over 280,000 customers of Australian ISP iiNet have been impacted by a data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian ISP iiNet Suffers Breach of 280,000+ Records

Read more →

A multi-stage attack delivered via USB devices has been observed installing cryptomining malware using DLL hijacking and PowerShell This article has been indexed from www.infosecurity-magazine.com Read the original article: USB Malware Campaign Spreads Cryptominer Worldwide

Read more →

An incident involving the npm package eslint-config-prettier has been uncovered spreading Scavenger RAT This article has been indexed from www.infosecurity-magazine.com Read the original article: Popular npm Package Compromised in Phishing Attack

Read more →

Cisco Talos observed the newly identified group compromise a Taiwanese web hosting provider to conduct a range of malicious activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese APT Group Targets Web Hosting Services in Taiwan

Read more →

The Warlock ransomware gang has taken credit for the cyber-attack after the UK telco giant publicly confirmed an incident on August 14 This article has been indexed from www.infosecurity-magazine.com Read the original article: Colt Customers Face Prolonged Outages After Major…

Read more →

Al-Tahery Al-Mashriky has been sentenced to 20 months behind bars for hacktism-related offenses This article has been indexed from www.infosecurity-magazine.com Read the original article: Man Jailed for 20 Months After Compromising Millions of Accounts

Read more →

Workday has revealed a breach of its third-party CRM systems in what could be the latest ShinyHunters attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Workday Reveals CRM Breach

Read more →

Germany, the Netherlands and four of the Five Eyes countries share a common asset inventory for industrial cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Five Global Partners Release First Unified OT Security Taxonomy

Read more →

Cisco has issued a software update to address the vulnerability, which can allow an unauthenticated, remote attacker to inject arbitrary shell commands This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Discloses Critical RCE Flaw in Firewall…

Read more →

A new Checkmarx study reveals that AI-generated code now accounts for over 60% of codebases in some companies, much of which contains known vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Organizations Ship Vulnerable…

Read more →

A RUSI report warned that money mules are exploiting inadequate security controls in smaller payment service providers to move fraudulent transactions about This article has been indexed from www.infosecurity-magazine.com Read the original article: Authorized Push Payment Fraud a National Security…

Read more →

A flaw in KernelSU 0.5.7 allows attackers to impersonate its manager app and gain root access to Android devices This article has been indexed from www.infosecurity-magazine.com Read the original article: KernelSU v0.5.7 Flaw Lets Android Apps Gain Root Access

Read more →

An ongoing malware campaign has been observed using malvertising to deliver PS1Bot, a PowerShell-based framework This article has been indexed from www.infosecurity-magazine.com Read the original article: Malvertising Campaign Deploys Modular PowerShell Malware PS1Bot

Read more →

The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Shares Tips to Spot Fake Lawyer…

Read more →

Abnormal AI said gaining access to such accounts provides opportunities for sophisticated fraud schemes that impersonate officials This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacked Law Enforcement and Government Email Accounts Sold on Dark Web for…

Read more →

Fortinet reveals details of a new critical-rated vulnerability in FortiSIEM circulating in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Warns Exploit Code Available for Critical Vulnerability

Read more →

The UK government has announced 10 new live facial recognition police vans to be deployed around the country This article has been indexed from www.infosecurity-magazine.com Read the original article: Campaigners Slam Expansion of Police Facial Recognition Schemes in UK

Read more →

A critical RCE vulnerability in Erlang’s OTP SSH daemon has been identified that allows unauthenticated command execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Erlang/OTP SSH Vulnerability Sees Spike in Exploitation Attempts

Read more →

AI-powered trading platforms have been observed exploiting deepfake technology to trick investors with fake endorsements This article has been indexed from www.infosecurity-magazine.com Read the original article: Deepfake AI Trading Scams Target Global Investors

Read more →

The personal data of almost 145,000 people who were registered in Manpower’s systems was compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: Staffing Company Manpower Discloses Large-Scale Data Breach

Read more →

Mayor of St. Paul, Minnesota, Melvin Carter, confirmed that employee data was published online by the Interlock ransomware gang This article has been indexed from www.infosecurity-magazine.com Read the original article: St. Paul’s Mayor Confirms Interlock Data Leak

Read more →

The US Department of Justice has announced the seizure of domains, servers and $1m in proceeds from the BlackSuit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: US Authorities Seize $1m from BlackSuit Ransomware Group

Read more →

Microsoft announced updates for 107 vulnerabilities on Patch Tuesday, including one zero-day This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Over 100 CVEs on August Patch Tuesday

Read more →

In a new investigation launched at DEFCON 33, Analyst1’s Jon DiMaggio revealed probable Russian government involvement in the Kaseya attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Alleges Russian Government Role in Kaseya Cyber-Attack

Read more →

A new technique has bypassed GPT-5’s safety systems via narrative-driven steering to elicit harmful output This article has been indexed from www.infosecurity-magazine.com Read the original article: GPT-5 Safeguards Bypassed Using Storytelling-Driven Jailbreak

Read more →

Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control of entire domains in hybrid cloud environments This article has been indexed from www.infosecurity-magazine.com Read the original article: 29,000 Servers Remain Unpatched Against…

Read more →

The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes This article has been indexed from www.infosecurity-magazine.com Read the original article: Home Office Phishing Scam Targets UK Immigration Sponsors

Read more →

Rapid7 found that threat actors are able to purchase low-cost initial access broker services, with many packages offering a variety of options This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit Low-Cost Initial Access Broker Market

Read more →

While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: MITRE: Russian APT28’s LameHug, a Pilot for Future…

Read more →

New threat intelligence points to targeting of financial services and technology sectors by ShinyHunters group This article has been indexed from www.infosecurity-magazine.com Read the original article: Financial Services Could Be Next in Line for ShinyHunters

Read more →

Threat actors have stolen data on at least half a million cancer screening patients This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Raid Dutch Lab, Stealing Data on 500,000 Patients

Read more →

A flaw in WinRAR, tracked as CVE-2025-8088, has been exploited by the RomCom group to deploy malware This article has been indexed from www.infosecurity-magazine.com Read the original article: New WinRAR Zero-Day Exploited by RomCom Hackers

Read more →

A cyber-attack at Connex Credit Union has compromised data of 172,000 individuals, including sensitive information This article has been indexed from www.infosecurity-magazine.com Read the original article: Connex Credit Union Breach Exposes 172,000 Members’ Data

Read more →

Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghanaian Nationals Extradited for Roles in $100M…

Read more →

TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group This article has been indexed from www.infosecurity-magazine.com Read the original article: Embargo Ransomware Gang Amasses $34.2m in Attack Proceeds

Read more →

Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action This article has been indexed from www.infosecurity-magazine.com Read the original article: Eight Countries Face EU Action Over NIS2 Deadline Failings

Read more →

Commercial red team experts believe AI’s current impact on cyber is overstated This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Red Teamers “Deeply Skeptical” of AI

Read more →

The winners of the AI Cybersecurity Challenge (AIxCC), Team Atlanta, won a $4m prize This article has been indexed from www.infosecurity-magazine.com Read the original article: #DEFCON: AI Cyber Challenge Winners Revealed in DARPA’s $4M Cybersecurity Showdown

Read more →

Leaders of the US Cybersecurity and Infrastructure Agency (CISA) pushed back on layoff concerns and highlighted new initiatives This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act

Read more →

The Information Commissioner has applied for a civil penalty against Optus following the 2022 data breach that exposed the personal details of 9.5 million Australians This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian Regulator Sues Optus…

Read more →

The judiciary announced stronger protections for its case management system following reports of a major breach of sensitive court documents in multiple states This article has been indexed from www.infosecurity-magazine.com Read the original article: US Federal Judiciary Tightens Security Following…

Read more →

Bouygues Telecom revealed the attackers stole personal data of 6.4 million customers, including contact details, contractual data and international bank account numbers This article has been indexed from www.infosecurity-magazine.com Read the original article: Bouygues Telecom Data Breach Exposes 6.4 Million…

Read more →

The NSA’s CAPT program, launched in 2024 with Horizon3.ai, now benefits 1000 of the 300,000 US Defense Industrial Base companies This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free…

Read more →

A new Microsoft AI agent, named Project Ire, is able to autonomously classify malware at a global scale with a high level of precision This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Microsoft Debuts AI Agent…

Read more →

Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April This article has been indexed from www.infosecurity-magazine.com Read the original article: New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at…

Read more →

Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

A UK government initiative to tackle Companies House fraud has raised security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Alarmed by UK Government’s Companies House ID Checks

Read more →

SonicWall has claimed an uptick in Akira ransomware intrusions is due to legacy password use This article has been indexed from www.infosecurity-magazine.com Read the original article: SonicWall: Attacks Linked to Legacy Bug and Password Use

Read more →

Claroty researchers have uncovered four vulnerabilities in a proprietary protocol used by surveillance equipment manufacturer Axis Communications This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software

Read more →

According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

Read more →

The incident, reported to be ransomware-related, has resulted in attackers stealing sensitive personal and clinical data, including lab test results This article has been indexed from www.infosecurity-magazine.com Read the original article: Clinical Data Stolen in Cyber-Attack on Kidney Dialysis Provider…

Read more →

A Nigerian man accused of hacking, fraud and identity theft has been extradited from France to the US to face charges This article has been indexed from www.infosecurity-magazine.com Read the original article: US Authorities Extradite Nigerian Man Accused of Hacking…

Read more →

GenAI company OpenAI has launched its first-ever open-weight models alongside a red teaming challenge This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: OpenAI Launches Red Teaming Challenge for New Open-Weight LLMs

Read more →

During the pre-Black Hat AI Summit, Sean Morgan, Protect AI’s Chief Architect, highlighted the three most prominent security risks of using AI agents This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Exploring the Top Cyber Threats…

Read more →

Adversaries are prioritizing stealth over scale, according to OPSWAT’s latest Threat Landscape Report This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Malware Complexity Jumps 127% in Six Months

Read more →

Trend Micro has released a temporary fix for the flaws, which enable remote code execution on on-prem Apex One machines This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Are Targeting Critical Apex One Vulnerabilities, Trend Micro…

Read more →

Ransomware actors deploy a range of activities to make it harder for victims to recover and increase the consequences of not paying demands This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Actors Expand Tactics Beyond Encryption…

Read more →

The UK’s National Cyber Security Centre has released the Cyber Assessment Framework 4.0 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Updates Cyber Assessment Framework to Build UK CNI Resilience

Read more →

Chanel and Pandora have revealed data breaches reportedly linked to attacks on their Salesforce instances This article has been indexed from www.infosecurity-magazine.com Read the original article: Chanel and Pandora Breached as Salesforce Campaign Continues

Read more →

Experts, including Allan Friedman, CISA’s leading voice on SBOMs until July 2025, emphasized that AI BOMs should be standardized before being implemented This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Experts Urge Greater AI Supply Chain…

Read more →

SecAlliance highlighted the evolution in smishing campaigns orchestrated by Chinese syndicates, which exploit digital wallet tokenization This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Smishing Campaigns Compromise up to 115 Million US Payment Cards

Read more →

Critical vulnerabilities in NVIDIA’s Triton Inference Server, discovered by researchers, could allow unauthenticated attackers to gain full server control through remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Vulnerabilities Found in NVIDIA’s Triton…

Read more →

IANS found that stagnant budget growth rates have significantly impacted CISOs ability to increase their teams’ headcount This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Teams Hit by Lowest Budget Growth in Five Years

Read more →