Category: www.infosecurity-magazine.com

A man suspected of breaching hundreds of Snowflake accounts has been arrested This article has been indexed from www.infosecurity-magazine.com Read the original article: Snowflake Hacking Suspect Arrested in Canada

Read more →

Interpol claims an international policing operation has shuttered 22,000 IPs connected with cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Operation Takes Down 22,000 Malicious IPs

Read more →

ClickFix exploits fake error messages across multiple platforms, such as Google Meet and Zoom This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFix Exploits Users with Fake Errors and Malicious Code

Read more →

ToxicPanda malware targets banking apps on Android, spreading through Italy, Portugal and Spain This article has been indexed from www.infosecurity-magazine.com Read the original article: ToxicPanda Malware Targets Banking Apps on Android Devices

Read more →

A joint US government advisory warned about increasing foreign influence efforts designed to undermine the legitimacy of the Presidential Election This article has been indexed from www.infosecurity-magazine.com Read the original article: US Voters Urged to Use Official Sources for Election…

Read more →

APT36 evolved its remote access trojan, ElizaRAT, along with introducing a new stealer payload called ApoloStealer This article has been indexed from www.infosecurity-magazine.com Read the original article: Pakistani Hackers Targeted High-Profile Indian Entities using Custom RAT

Read more →

Lloyds Bank has revealed that Oasis fans comprise the vast majority of ticket scam victims it deals with This article has been indexed from www.infosecurity-magazine.com Read the original article: Oasis Fans Losing Up to £1000 Each to Ticket Scammers

Read more →

A Which? report outlines serious privacy concerns with smart device products including air fryers This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Air Fryers May Be Spying on Consumers, Which? Warns

Read more →

The City of Columbus, Ohio, informed the Maine Attorney General’s Office that approximately 55% of its residents were affected by the breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Columbus Ransomware Attack Exposes Data of 500,000…

Read more →

Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking well-known brands This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit DocuSign APIs to Send Fake Invoices

Read more →

A US district court sentenced a Nigerian man for an elaborate ‘man-in-the-middle’ phishing campaign, which resulted in $12m in losses from real-estate transactions This article has been indexed from www.infosecurity-magazine.com Read the original article: Nigerian Handed 26-Year Sentence for Real…

Read more →

The flaw, an exploitable stack buffer underflow in SQLite, was found by Google’s Big Sleep team using a large language model (LLM) This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Researchers Claim First Vulnerability Found Using…

Read more →

US government agencies said the video, widely shared on social media, is part of Russia’s broader strategy of undermining the integrity of the Presidential Election This article has been indexed from www.infosecurity-magazine.com Read the original article: US Says Russia Behind…

Read more →

Checkmarx has observed a novel npm supply chain attack using Ethereum smart contracts to manage command-and-control (C2) operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Supply Chain Attack Uses Smart Contracts for C2 Ops

Read more →

Several UK council websites are back online after being disrupted by Russian hacktivist DDoS attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Council Sites Recover Following Russian DDoS Blitz

Read more →

Sophos provided details of changing tactics by Chinese APT groups over a five-year period, involving a shift towards stealthy, targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Sophos Warns Chinese Hackers Are Becoming Stealthier

Read more →

Multiple vulnerabilities in Rockwell Automation and Mitsubishi products could allow ICS cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns of Critical Software Vulnerabilities in Industrial Devices

Read more →

US and Israeli government agencies have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to expand its operations This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Israel Warn of Iranian…

Read more →

New phishing kit Xiu Gou, featuring a unique “doggo” mascot, targets users in US, UK, Spain, Australia and Japan with 2000+ scam websites This article has been indexed from www.infosecurity-magazine.com Read the original article: New Xiu Gou Phishing Kit Targets…

Read more →

Emeraldwhale breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Misconfigured Git Configurations Targeted in Emeraldwhale Attack

Read more →

EMERALDWHALE breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Misconfigured Git Configurations Targeted in EMERALDWHALE Attack

Read more →

A report by the Canadian Centre for Cyber Security described China as the most sophisticated cyber threat to Canada, also identified India as an emerging threat This article has been indexed from www.infosecurity-magazine.com Read the original article: Canadian Government Data…

Read more →

Palo Alto Networks’ Unit 42 has observed the first-ever collaboration between North Korean-backed Jumpy Pisces and Play ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Collaborate with Play Ransomware

Read more →

Malware-related attacks against global government organizations increased 236% year-on-year in Q1 2024, according to SonicWall This article has been indexed from www.infosecurity-magazine.com Read the original article: Government Sector Suffers 236% Surge in Malware Attacks

Read more →

ITRC data finds 81% of US small businesses have suffered a data or security breach over the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 80% of US Small Businesses Have Been Breached

Read more →

The LiteSpeed Cache vulnerability allows administrator-level access, risking security for over 6 million WordPress sites This article has been indexed from www.infosecurity-magazine.com Read the original article: LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk

Read more →

The new FakeCall variant uses advanced vishing tactics, featuring Bluetooth for device monitoring This article has been indexed from www.infosecurity-magazine.com Read the original article: Updated FakeCall Malware Targets Mobile Devices with Vishing

Read more →

In a major security update, Apple has fixed dozens of bugs and vulnerabilities across its operating systems and services This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Rolls Out Major Security Update to Patch macOS and…

Read more →

CISA’s 2025-2026 International Strategic Plan aims to strengthen external partnerships to reduce risks to critical infrastructure relied on in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Launches First International Cybersecurity Plan

Read more →

Comparitech warns that voters could be misled as most local government sites are failing on basic security This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of US County Websites “Could Be Spoofed”

Read more →

Microsoft has spotted a major spearphishing campaign from the Russian APT29 group using RDP for compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: Midnight Blizzard Spearphishing Campaign Targets Thousands with RDP Files

Read more →

Microsoft has spotted a major spearphishing campaign from the Russian APT29 group using RDP for compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: APT29 Spearphishing Campaign Targets Thousands with RDP Files

Read more →

ThreatFabric researchers have discovered significant updates to the LightSpy spyware, featuring plugins designed to interfere with device functionality This article has been indexed from www.infosecurity-magazine.com Read the original article: New LightSpy Spyware Targets iOS with Enhanced Capabilities

Read more →

The phishing campaign targeted users via texts impersonating Amazon, linked to the threat actor Chenlun This article has been indexed from www.infosecurity-magazine.com Read the original article: Chenlun’s Evolving Phishing Tactics Target Trusted Brands

Read more →

Operation Magnus took down infrastructure used to run the Redline and Meta infostealers, widely used tools in cybercriminal activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Law Enforcement Operation Takes Down Redline and Meta Infostealers

Read more →

A Veeam report found that businesses are prioritizing NIS2 compliance, with 95% of applicable firms diverting funds from other areas of the business This article has been indexed from www.infosecurity-magazine.com Read the original article: NIS2 Compliance Puts Strain on Business…

Read more →

Global Witness uncovered a network of 71 suspicious accounts on X supporting the Azeri government This article has been indexed from www.infosecurity-magazine.com Read the original article: Suspicious Social Media Accounts Deployed Ahead of COP29

Read more →

The UK has joined forces with its Five Eyes peers to offer cybersecurity guidance to startups This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Agencies Launch Startup Security Initiative

Read more →

The UK’s information commissioner claims most adults in the country have had their personal data exposed or compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO: 55% of UK Adults Have Had Data Lost or Stolen

Read more →

Evasive Panda’s CloudScout uses MgBot to steal session cookies, infiltrating cloud data in Taiwan This article has been indexed from www.infosecurity-magazine.com Read the original article: Evasive Panda’s CloudScout Toolset Targets Taiwan

Read more →

The surge in job scams targets vulnerable individuals, mirroring pig butchering fraud tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: New Type of Job Scam Targets Financially Vulnerable Populations

Read more →

Google researchers have observed Russian threat actor UNC5812 using a malware campaign via Telegram to access the devices of Ukrainian military recruits This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Malware Campaign Targets Ukrainian Recruits Via…

Read more →

Trend Micro’s Zero Day Initiative hands out over $1m in awards for Pwn2Own competitors, who found more than 70 zero-day flaws This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own…

Read more →

Vipre research reveals that 10% of emails targeting the manufacturing sector are BEC attempts This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Powered BEC Scams Zero in on Manufacturers

Read more →

Updated figures from the HHS revealed that 100 million patients have been notified that their data was breached in the Change Healthcare ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Change Healthcare Breach Affects 100…

Read more →

CERT-UA said the phishing campaign lures victims into downloading malware used to exfiltrate files containing sensitive personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Warns of Mass Phishing Campaign Targeting Citizens Data

Read more →

LinkedIn violated the EU’s GDPR in how it processes its users personal data for behavioral purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: Irish Data Protection Watchdog Fines LinkedIn $336m

Read more →

A new ISACA study reveals that pay inequity and a lack of female leadership are significant issues noted by women in the digital trust sector This article has been indexed from www.infosecurity-magazine.com Read the original article: Inequity Challenges Women in…

Read more →

An unidentified threat actor has attempted to develop ransomware targeting macOS devices, posing as LockBit This article has been indexed from www.infosecurity-magazine.com Read the original article: MacOS-Focused Ransomware Attempts Leverage LockBit Brand

Read more →

Lazarus Group exploited Google Chrome zero-day, infecting systems with Manuscrypt malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Exploits Google Chrome Flaw in New Campaign

Read more →

Penn State will pay $1.25m for failing federal cybersecurity standards in DoD and NASA contracts This article has been indexed from www.infosecurity-magazine.com Read the original article: Penn State Settles for $1.25M Over Cybersecurity Violations

Read more →

The National Security Memorandum on AI sets out actions for the federal government to ensure the safe, secure and trustworthy development of AI This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Issues AI National Security…

Read more →

This high-severity flaw, dubbed FortiJump by security researcher Kevin Beaumont, has been added to CISA’s KEV catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability

Read more →

The Data (Use and Access) Bill governs digital verification services and the use of personal data in public services, and will revamp the Information Commissioner’s Office This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Introduces…

Read more →

A new ISACA study has revealed that cybersecurity professionals are often overlooked in the development of AI policies This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Teams Largely Ignored in AI Policy Development

Read more →

On the 10th anniversary since Cyber Essentials was introduced, the UK government has highlighted the impact the scheme has had in preventing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Urges Organizations to Get…

Read more →

While Internet Archive’s services slowly resume, the data breach reveals the non-profit’s security failures This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive Secures Zendesk Account, Works Toward Full-Service Restoration

Read more →

70% of leaders see cyber knowledge gap; AI attacks are harder to detect, 60% expect more victims This article has been indexed from www.infosecurity-magazine.com Read the original article: 70% of Leaders See Cyber Knowledge Gap in Employees

Read more →

Former UK PM David Cameron called for stronger defenses against Chinese cyber espionage while advocating collaboration with Beijing, coinciding with the BRICS Summit This article has been indexed from www.infosecurity-magazine.com Read the original article: Former British PM Cameron Calls for…

Read more →

The recently discovered Embargo ransomware group is using Rust-based custom tools to overcome victims’ security defenses, ESET researchers have observed This article has been indexed from www.infosecurity-magazine.com Read the original article: Embargo Ransomware Gang Deploys Customized Defense Evasion Tools

Read more →

WarmCookie malware, aka BadSpace, spreads via malspam, malvertising and enables persistent access This article has been indexed from www.infosecurity-magazine.com Read the original article: New Malware WarmCookie Targets Users with Malicious Links

Read more →

The US government has issued guidance for federal agencies on the use of Traffic Light Protocol, designed to boost intelligence sharing with the cybersecurity community This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government Pledges to…

Read more →

While Internet Archive’s services slowly resume, the data breach reveals the non-profit’s security failures This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive Secures Zendesk Account, Works Toward Full-Service Restoration

Read more →

70% of leaders see cyber knowledge gap; AI attacks are harder to detect, 60% expect more victims This article has been indexed from www.infosecurity-magazine.com Read the original article: 70% of Leaders See Cyber Knowledge Gap in Employees

Read more →

Former UK PM David Cameron called for stronger defenses against Chinese cyber espionage while advocating collaboration with Beijing, coinciding with the BRICS Summit This article has been indexed from www.infosecurity-magazine.com Read the original article: Former British PM Cameron Calls for…

Read more →

The recently discovered Embargo ransomware group is using Rust-based custom tools to overcome victims’ security defenses, ESET researchers have observed This article has been indexed from www.infosecurity-magazine.com Read the original article: Embargo Ransomware Gang Deploys Customized Defense Evasion Tools

Read more →

The British Minister for Security Dan Jarvis said at Recorded Future’s Predict 2024 that the new government was considering reforming the 1990 legislation This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Weighs Review of Computer…

Read more →

45% of security breaches in the energy sector in the past year were third-party related, according to a report by Security Scorecard and KPMG This article has been indexed from www.infosecurity-magazine.com Read the original article: US Energy Sector Vulnerable to…

Read more →

Cloud attacks surged in 2024 as attackers exploited cloud resources at unprecedented levels This article has been indexed from www.infosecurity-magazine.com Read the original article: LLMjacking and Open-Source Tool Abuse Surge in 2024 Cloud Attacks

Read more →

Four current and former publicly trading tech companies have agreed to pay civil penalties in relation to the SEC charges This article has been indexed from www.infosecurity-magazine.com Read the original article: SEC Charges Tech Firms Over Misleading SolarWinds Hack Disclosures

Read more →

75% of US Senate campaign sites lack DMARC, risking cybersecurity and email safety This article has been indexed from www.infosecurity-magazine.com Read the original article: 75% of US Senate Campaign Websites Fail to Implement DMARC

Read more →

A phishing attack targeting Transak employees led to a data breach, compromising the information of 92,554 users This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Attack Impacts Over 92,000 Transak Users

Read more →

Meta is testing facial recognition technology to tackle celeb-bait ad scams and enable the recovery of compromised accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta to Fight Celeb-Bait Scams with Facial Recognition

Read more →

RUSI and Chatham House recommended global standards to combat commercial cyber tool abuse This article has been indexed from www.infosecurity-magazine.com Read the original article: Think Tanks Urge Action to Curb Misuse of Spyware and Hack-for-Hire

Read more →

AI tools are being used to launch over half a million cyber-attacks daily on retailers, according to a new report This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Powered Attacks Flood Retail Websites

Read more →

The cryptographic vulnerabilities were found in Sync, pCloud, Icedrive and Seafile by ETH Zurich This article has been indexed from www.infosecurity-magazine.com Read the original article: Severe Flaws Discovered in Major E2EE Cloud Storage Services

Read more →

A threat actor claimed to get hold of an exposed GitLab configuration file containing Zendesk API access tokens This article has been indexed from www.infosecurity-magazine.com Read the original article: Stolen Access Tokens Lead to New Internet Archive Breach

Read more →

The August ransomware attack stole 50,000+ documents from Nidec, leaked after ransom refusal This article has been indexed from www.infosecurity-magazine.com Read the original article: 50,000 Files Exposed in Nidec Ransomware Attack

Read more →

The malware loader taken down by Europol in May 2024 could be back with a vengeance This article has been indexed from www.infosecurity-magazine.com Read the original article: Netskope Reports Possible Bumblebee Loader Resurgence

Read more →

Businesses in Australia must update their privacy policies with clear and transparent information about their use of AI, said the regulator This article has been indexed from www.infosecurity-magazine.com Read the original article: Australia’s Privacy Watchdog Publishes Guidance on Commercial AI…

Read more →

Long-lived credentials in the cloud put organizations at high risk of breaches, a report from Datadog has found This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Organizations Have Unmanaged Long-Lived Cloud Credentials

Read more →

Internet Archive founder confirmed the allegedly exposed data was “safe” This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive and Wayback Machine Resurrect After DDoS Wave

Read more →

Microsoft urges macOS users to apply a fix for the vulnerability, which it believes may be under active exploitation by the Adload malware family This article has been indexed from www.infosecurity-magazine.com Read the original article: macOS Vulnerability Could Expose User…

Read more →

Instagram has announced new security features to protect users from sextortion scams, including hiding follower lists, preventing screenshots, and launching an awareness campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Instagram Rolls Out New Sextortion Protection…

Read more →

The Redmond-based firm was the most impersonated brand in the third quarter of 2024, while Alibaba entered the Top 10 for the first time This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Named Most Imitated Brand…

Read more →

US authorities have charged a man for involvement in the SEC X account hack in January 2024, which falsely announced the approval of Bitcoin Exchange Traded Funds This article has been indexed from www.infosecurity-magazine.com Read the original article: US Arrest…

Read more →

Cicada3301 ransomware has targeted critical sectors in US/UK, leaking data from 30 firms in three months This article has been indexed from www.infosecurity-magazine.com Read the original article: Cicada3301 Ransomware Targets Critical Sectors in US and UK

Read more →

US authorities have charged two Sudanese linked to DDoS cybercrime group, Anonymous Sudan, which caused $10m in damages This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Anonymous Sudan Members in DDoS Cybercrime Case

Read more →

The ongoing campaign targets multiple critical infrastructure sectors, including healthcare, government, information technology, engineering, and energy This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Hackers Target Critical Infrastructure with Brute Force Attacks

Read more →

Secureworks said it had observed a case where a fake North Korean IT contractor exfiltrated proprietary data before issuing a ransom demand to their former employer This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Escalates…

Read more →

Symantec data reveals RansomHub claimed more attacks than any other group in Q3 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: RansomHub Overtakes LockBit as Most Prolific Ransomware Group

Read more →

Netskope claims 66% of malware attacks last year were backed by nation states This article has been indexed from www.infosecurity-magazine.com Read the original article: Two-thirds of Attributable Malware Linked to Nation States

Read more →

CISA is asking for feedback on future guidance outlining bad security practices in product development as part of its Secure by Design initiative This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Seeks Feedback on Upcoming Product…

Read more →

NIS2 will be enforced as of October 17, yet many organizations and even EU member states appear completely unprepared for implementation This article has been indexed from www.infosecurity-magazine.com Read the original article: NIS2 Confusion: Concerns Over Readiness as Deadline Reached

Read more →

CISA released the third edition of SBOM guidelines to enhance software component transparency This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Improvements in US Software Supply Chain Transparency

Read more →

A new Bugcrowd study shows 71% of ethical hackers now see AI boosting hacking value, up from 21% in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ethical Hackers Embrace AI Tools Amid Rising Cyber Threats

Read more →

A surge in phishing emails claiming to be from Starbucks is offering recipients a “free Coffee Lovers Box” in an attempt to steal personal or install malware on devices This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

New NCSC CEO Dr Richard Horne warned in a speech that there is a widening gap between escalating threats and society’s ability to defend against them This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Threats Escalating…

Read more →

The new set of specifications could enable users to securely move passkeys and all other credentials across providers This article has been indexed from www.infosecurity-magazine.com Read the original article: FIDO Alliance Proposes New Passkey Exchange Standard

Read more →

DigiCert says imminent crypto threat from quantum computing has been over-hyped This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Play Down Significance of Chinese Quantum “Hack”

Read more →