Category: www.infosecurity-magazine.com

Mandiant’s latest M-Trends report found that vulnerability exploitation was the most common initial infection vector in 2023, making up 38% of intrusions This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability Exploitation on the Rise as Attacker…

Read more →

Notorious APT44 group Sandworm launched a major campaign against Ukrainian critical infrastructure in March This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites

Read more →

Microsoft has warned of a long-running credential stealing campaign from Russia’s APT28 This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian APT28 Group in New “GooseEgg” Hacking Campaign

Read more →

The scheme was uncovered by Kaspersky and has been operational since November 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraudsters Exploit Telegram’s Popularity For Toncoin Scam

Read more →

The scheme was uncovered by Kaspersky and has been operational since November 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraudsters Exploit Telegram’s Popularity for Toncoin Scam

Read more →

This occurs when a private package fetches a similar public one, leading to exploit due to misconfigurations in package managers This article has been indexed from www.infosecurity-magazine.com Read the original article: Dependency Confusion Vulnerability Found in Apache Project

Read more →

CrushFTP is urging customers to download v11 of its file transfer platform, with attackers actively exploiting a vulnerability that allows them to download system files This article has been indexed from www.infosecurity-magazine.com Read the original article: CrushFTP File Transfer Vulnerability…

Read more →

The new document is the first release from NSA’s Artificial Intelligence Security Center (AISC), in partnership with other government agencies in the US and other Five Eyes countries This article has been indexed from www.infosecurity-magazine.com Read the original article: NSA…

Read more →

The UK’s National Cyber Security Centre will see Richard Horne take over as its new boss in the autumn This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Announces PwC’s Richard Horne as New CEO

Read more →

Non-profit MITRE says a sophisticated state group breached its network via two chained Ivanti zero-days This article has been indexed from www.infosecurity-magazine.com Read the original article: MITRE Reveals Ivanti Breach By Nation State Actor

Read more →

This drop represents a direct threat to US national cybersecurity infrastructure, said CyberSN representatives in their report This article has been indexed from www.infosecurity-magazine.com Read the original article: Alarming Decline in Cybersecurity Job Postings in the US

Read more →

A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Akira Ransomware Group…

Read more →

The figures come from Egress’s latest report, which also suggests secure email gateways lag behind tech advancements This article has been indexed from www.infosecurity-magazine.com Read the original article: Quishing Attacks Jump Tenfold, Attachment Payloads Halve

Read more →

Mandiant has confirmed that Sandworm is responsible for many cyber-attacks against Ukraine has close ties with a Russian hacktivist group This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia’s Sandworm Upgraded to APT44 by Google’s Mandiant

Read more →

Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads

Read more →

A US government advisory sets out actions election officials need to take to mitigate the impact of nation-state influence campaigns ahead of the November elections This article has been indexed from www.infosecurity-magazine.com Read the original article: US Election Officials Told…

Read more →

Bridewell report reveals critical infrastructure firms are losing faith in their defensive tooling This article has been indexed from www.infosecurity-magazine.com Read the original article: Trust in Cyber Takes a Knock as CNI Budgets Flatline

Read more →

The Metropolitan Police and partners have disrupted the prolific LabHost phishing-as-a-service platform This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Police Lead Disruption of £1m Phishing-as-a-Service Site LabHost

Read more →

The attacks exploit CVE-2023-22518, a critical flaw in Atlassian Confluence Data Center and Server This article has been indexed from www.infosecurity-magazine.com Read the original article: Linux Cerber Ransomware Variant Exploits Atlassian Servers

Read more →

Proofpoint confirmed Kimsuky has directly contacted foreign policy experts since 2023 through seemingly benign email conversations This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Group Kimsuky Exploits DMARC and Web Beacons

Read more →