Category: www.infosecurity-magazine.com

New government grants for AI safety research are designed to fund work into deepfakes and other cyber risks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Launches AI Safety Scheme to Tackle Deepfakes

Read more →

Researchers have discovered a new cyber-attack method called ConfusedPilot that can manipulate AI-generated responses by injecting malicious content into documents referenced by AI systems This article has been indexed from www.infosecurity-magazine.com Read the original article: New ConfusedPilot Attack Targets AI…

Read more →

Cyber threats surge ahead of the 2024 election, including phishing, ransomware and Darknet activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Darknet Activity Increases Ahead of 2024 Presidential Vote

Read more →

The service, developed in collaboration with Cloudflare and Accenture, is available for UK schools and most education service providers This article has been indexed from www.infosecurity-magazine.com Read the original article: UK: NCSC Offers Education Organizations Free Cyber Services

Read more →

Most organizations are not prepared for the post-quantum threat, despite the recent publication of NIST’s first three finalized post-quantum encryption standards This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Organizations Unprepared for Post-Quantum Threat

Read more →

Microsoft has observed nation states ramping up cooperation with cybercriminals to conduct operations in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft: Nation-States Team Up with Cybercriminals for Attacks

Read more →

The sophisticate campaign, ErrorFather, employs keylogging, virtual networks and a domain generation algorithm to target Android users This article has been indexed from www.infosecurity-magazine.com Read the original article: Cerberus Android Banking Trojan Deployed in New Multi-Stage Malicious Campaign

Read more →

Coalition’s new service aims to mitigate the impact of growing UK corporate fraud losses This article has been indexed from www.infosecurity-magazine.com Read the original article: Insurer Aims to “Clawback” BEC Losses After £1.4m Success

Read more →

Zscaler has found more than 200 malicious apps on Google Play with over eight million installs This article has been indexed from www.infosecurity-magazine.com Read the original article: Eight Million Users Install 200+ Malicious Apps from Google Play

Read more →

Online scammers are targeting Booking.com and Airbnb users with Telekopye, a Telegram-based toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: Telekopye Scammers Target Booking.com and Airbnb Users

Read more →

CISA urged organizations to tackle security risks from unencrypted cookies in F5 BIG-IP LTM systems This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Encryption of Cookies in F5 BIG-IP Systems

Read more →

The US DoD has finalized the Cybersecurity Maturity Model Certification (CMMC) Program, which defense contractors must pass to bid for government contracts This article has been indexed from www.infosecurity-magazine.com Read the original article: US DoD Tightens Cybersecurity Standards for Defense…

Read more →

Personal data of over 2600 employees has been exposed and insider information about the Switch 2 and future Pokémon games leaked This article has been indexed from www.infosecurity-magazine.com Read the original article: Pokémon Developer Game Freak Suffers Data Breach

Read more →

Japanese electronics firm Casio has reported a ransomware attack and data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Casio Confirms Ransomware Outage and Data Breach

Read more →

Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs This article has been indexed from www.infosecurity-magazine.com Read the original article: Skills Shortages Now a Top-Two Security Risk for SMBs

Read more →

NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS England Warns of…

Read more →

Access Now announced that the US Customs and Border Protection agency released records on its app following the NGO’s lawsuit This article has been indexed from www.infosecurity-magazine.com Read the original article: US Border Agency Under Fire for App’s Handling of…

Read more →

Russian-backed APT29 has been spying on US and European organizations since at least 2021, a US-UK joint advisory said This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia’s SVR Targets Zimbra, TeamCity Servers for Cyber Espionage

Read more →

A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket This article has been indexed from www.infosecurity-magazine.com Read the original article: Sonatype Reports 156%…

Read more →

Operation MiddleFloor targets Moldova’s October elections, spreading EU disinformation via email This article has been indexed from www.infosecurity-magazine.com Read the original article: Disinformation Campaign Targets Moldova Ahead of EU Referendum

Read more →

The data breach exposed more than 10m customer conversations from an AI call center platform in the Middle East This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 10m Conversations Exposed in AI Call Center Hack

Read more →

The EU’s Cyber Resilience Act requires cybersecurity standards for all connected products throughout their entire lifecycle This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Adopts Cyber Resilience Act for Connected Devices

Read more →

Marriott will pay $52m to 50 US states for a data breach impacting 131.5 million American customers, and has agreed to implement stronger security practices This article has been indexed from www.infosecurity-magazine.com Read the original article: Marriott Agrees $52m Settlement…

Read more →

The non-profit digital library was also hit by at least two DDoS attacks in two days This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive Breached, 31 Million Records Exposed

Read more →

Two former RAC employees have been handed suspended prison sentences for trading in personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: Former RAC Employees Get Suspended Sentence for Data Theft

Read more →

Supply chain victim numbers surge as more than 240 million US residents are impacted by data breaches in Q3 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 240 Million US Breach Victims Recorded in Q3

Read more →

The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s software inventory when the feature is used on work computers This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

New BeaverTail malware targets tech job seekers via fake recruiters on LinkedIn and X This article has been indexed from www.infosecurity-magazine.com Read the original article: New BeaverTail Malware Targets Job Seekers via Fake Recruiters

Read more →

Barracuda researchers have identified a new wave of QR code phishing attacks that evade traditional security measures and pose a significant threat to email security This article has been indexed from www.infosecurity-magazine.com Read the original article: New Generation of Malicious…

Read more →

The UK government’s Cyber Team Competition offer applicants the chance to receive advanced training, mentorship and networking opportunities This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Launches New Competition to Spur Cybersecurity Careers

Read more →

The Australian government’s Cyber Security Bill 2024 will mandate cybersecurity standards for smart devices and introduce ransomware reporting requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: Australia Introduces First Standalone Cybersecurity Law

Read more →

The Appeals Centre Europe is supported by Meta’s Oversight Board Trust and certified by Ireland’s media regulator This article has been indexed from www.infosecurity-magazine.com Read the original article: New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube

Read more →

Ivanti’s Cloud Services Appliance is being targeted by threat actors exploiting three zero-day bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks

Read more →

October’s Patch Tuesday saw Microsoft patch over 100 CVEs including five zero-day vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Five Zero-Days in October Patch Tuesday

Read more →

American Water, the largest water utility in the US, discovered a cyber-attack impacting internal systems on October 3 This article has been indexed from www.infosecurity-magazine.com Read the original article: American Water Hit by Cyber-Attack, Billing Systems Disrupted

Read more →

American Water, the largest water utility in the US, discovered a cyber-attack impacting internal systems on October 3 This article has been indexed from www.infosecurity-magazine.com Read the original article: American Water Hit by Cyberattack, Billing Systems Disrupted

Read more →

Tenable’s latest report reveals 38% of organizations face risks from a “toxic cloud triad” of security gaps This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Security Risks Surge as 38% of Firms Face Exposures

Read more →

Secureworks reports a 30% increase in active ransomware groups despite law enforcement efforts, with 31 new groups emerging in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: 31 New Ransomware Groups Join the Ecosystem…

Read more →

Iran is targeting the US presidential race, China the congressional races, and Russia both This article has been indexed from www.infosecurity-magazine.com Read the original article: US Warns of Foreign Interference in Congressional Races Ahead of Election

Read more →

A UN report found that organized crime groups in the region have rapidly integrated malware, generative AI and deepfakes to enhance their fraud activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Fraud Cost up to…

Read more →

Europol claims its EMPACT operation has revealed dozens of human trafficking victims and suspects This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Police Track Human Traffickers in Online Crackdown

Read more →

MoneyGram has issued a data breach notification to customers following a security incident This article has been indexed from www.infosecurity-magazine.com Read the original article: MoneyGram Reveals Data Breach After Incident Downed Services

Read more →

UMG, a major music corporation, reported a July 2024 data breach affecting 680 US residents This article has been indexed from www.infosecurity-magazine.com Read the original article: Universal Music Group Admits Data Breach

Read more →

GoldenJackal targeted air-gapped government systems from May 2022 to March 2024, ESET found This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced Threat Group GoldenJackal Exploits Air-Gapped Systems

Read more →

The UK NCSC found that there is a lot of confusion between board members and security leaders of who is responsible for cybersecurity within their organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Board-CISO Mismatch on…

Read more →

The UK’s ICO said the framework is designed to help businesses build trust and encourage a positive data protection culture This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Releases New Data Protection Audit Framework

Read more →

Risk managers association FERMA has warned that new EU cyber legislation means there is an inconsistent approach to incident reporting requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Urged to Harmonize Incident Reporting Requirements

Read more →

A new O’Reilly survey showed a shortage of AI security skills, while AI-enabled security tools become tech professionals’ top priority for the coming year This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Professionals Highlight Critical AI…

Read more →

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling, CTSI Claims

Read more →

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling – Non-Profit

Read more →

A new scam detection tool from Get Safe Online uses AI to help individuals and small businesses protect themselves This article has been indexed from www.infosecurity-magazine.com Read the original article: Get Safe Online Launches New Scam Detector

Read more →

Infosecurity recently joined an Immersive Labs Cyber Drill to experience how organizations can enhance their preparedness through training and simulations This article has been indexed from www.infosecurity-magazine.com Read the original article: How Confidence Between Teams Impacts Cyber Incident Outcomes

Read more →

Cisco Talos has observed the financially motivated threat actor targeting organizations globally with a MedusaLocker ransomware variant called “BabyLockerKZ” This article has been indexed from www.infosecurity-magazine.com Read the original article: New MedusaLocker Ransomware Variant Deployed by Threat Actor

Read more →

A UK court has fined Sellafield Ltd £332,500 for cybersecurity failings related to the running of the Sellafield nuclear facility This article has been indexed from www.infosecurity-magazine.com Read the original article: Sellafield Fined for Cybersecurity Failures at Nuclear Site

Read more →

The Counter Ransomware Initiative has released new guidance discouraging organizations from making ransomware payments This article has been indexed from www.infosecurity-magazine.com Read the original article: CRI Releases Guidance on Avoiding Ransomware Payments

Read more →

The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations This article has been indexed from www.infosecurity-magazine.com Read the original article: Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now

Read more →

Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft and US Government Disrupt Russian Star Blizzard Operations

Read more →

China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration This article has been indexed from www.infosecurity-magazine.com Read the original article: CeranaKeeper Emerges as New Threat to Thai Government Networks

Read more →

A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Spending on the…

Read more →

The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: Northern Ireland Police Data…

Read more →

Researchers see an uptick in crypto-doubling investment scams following the first presidential debate This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto-Doubling Scams Surge Following Presidential Debate

Read more →

Egress found that attackers are becoming more adept at bypassing email security, such as using compromised accounts and the use of commodity campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Email Phishing Attacks Surge as Attackers…

Read more →

Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: FIN7 Gang Hides Malware in AI “Deepnude” Sites

Read more →

The ACSC, in collaboration with CISA and international partners, has released a guide for securing operational technology in critical sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: ACSC and CISA Launch Critical OT Cybersecurity Guidelines

Read more →

North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment This article has been indexed from www.infosecurity-magazine.com Read the original article: Stonefly Group Targets US Firms With New Malware Tools

Read more →

A Black Kite report found that 67% of manufacturing firms have at least one vulnerability from CISA’s Known Exploited Vulnerabilities (KEV) catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: 80% of Manufacturing Firms Have Critical Vulnerabilities

Read more →

Meta has announced a new information-sharing partnership with UK financial institutions to target social media fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Teams Up with Banks to Target Fraudsters

Read more →

Socura finds the percentage of women in cybersecurity positions has fallen seven percentage points since 2021 to 17% This article has been indexed from www.infosecurity-magazine.com Read the original article: Share of Women in UK Cyber Roles Now Just 17%

Read more →

UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: British Hacker Charged in the US For $3.75m Insider Trading…

Read more →

UMC in Lubbock, Texas, confirmed a ransomware attack last week, disrupting patient care and IT systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Forces UMC to Divert Emergency Patients

Read more →

The UK has sanctioned 16 members of the notorious Russian hacking group Evil Corp, exposing their links to the prolific LockBit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: Evil Corp’s LockBit Ties Exposed in…

Read more →

T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: T-Mobile to Pay…

Read more →

New Santander research claims 10 million UK consumers have suffered fraud since 2021, costing the economy £16bn This article has been indexed from www.infosecurity-magazine.com Read the original article: Ten Million Brits Hit By Fraud in Just Three Years

Read more →

New ISACA research reveals most cybersecurity teams are suffering from staffing and funding shortages This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA: European Security Teams Are Understaffed and Underfunded

Read more →

The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Read more →

The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical RCE Vulnerabilities Found in Common Unix Printing System

Read more →

A Deloitte and NASCIO survey found that a third of state CISOs do not have a dedicated cybersecurity budget This article has been indexed from www.infosecurity-magazine.com Read the original article: US State CISOs Struggling with Insufficient Cybersecurity Funding

Read more →

A survey by Ofqual found that 20% of English schools and colleges were unable to immediately recover after being hit by a cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attacks Hit Over a Third…

Read more →

PwC claims fewer than 50% of businesses involve their CISOs in strategic planning on cyber This article has been indexed from www.infosecurity-magazine.com Read the original article: PwC Urges Boards to Give CISOs a Seat at the Table

Read more →

Security agencies from the UK and US are urging individuals with Middle East links to beware of Iranian spear phishing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and US Warn of Growing Iranian Spear…

Read more →

Ireland’s Data Protection Commission fines Meta Platforms €91 million for mishandling user passwords and GDPR violations This article has been indexed from www.infosecurity-magazine.com Read the original article: Ireland’s DPC Hits Meta with €91 Million Penalty for GDPR Violation

Read more →

The US, UK, EU and other global partners have called for a global approach to strengthening the security of global communications and data This article has been indexed from www.infosecurity-magazine.com Read the original article: Governments Urge Improved Security and Resilience…

Read more →

The US has sanctioned Cryptex, PM2BTC and a Russian national for processing hundreds of millions of dollars derived from cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

Read more →

The suspect is an employee of Global Reach Technology, which provides some Wi-Fi services to Network Rail This article has been indexed from www.infosecurity-magazine.com Read the original article: Man Arrested Over UK Railway Station Wi-Fi Hack

Read more →

Russian cyber-attacks on Ukrainian servicemen underscore the escalating use of digital warfare tactics in the ongoing conflict This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Read more →

The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Breach at MC2 Data Leaves 100 Million at Risk of…

Read more →

A CybSafe survey found that 52% of workers have not yet received any training on safe AI use This article has been indexed from www.infosecurity-magazine.com Read the original article: Over a Third of Employees Secretly Sharing Work Info with AI

Read more →

The institute no longer requires regular password changes unless the authenticator has been compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines

Read more →

Researchers discover mobile crypto drainer malware hidden in WalletConnect app garnering 10,000 downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: First Mobile Crypto Drainer Found on Google Play

Read more →

Bitdefender is warning League of Legends fans not to fall for a phishing campaign designed to spread Lumma Stealer malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Hide Infostealer in League of Legends ‘Download’

Read more →

82% of all phishing sites target mobile devices, with 76% using HTTPS to appear secure This article has been indexed from www.infosecurity-magazine.com Read the original article: 82% of Phishing Sites Now Target Mobile Devices

Read more →

House GOP unveiled a bill to combat Chinese cyber threats to US infrastructure, led by CISA and FBI This article has been indexed from www.infosecurity-magazine.com Read the original article: US House Bill Addresses Growing Threat of Chinese Cyber Actors

Read more →

Some 3191 email addresses for congressional staff are available on the dark web This article has been indexed from www.infosecurity-magazine.com Read the original article: Thousands of US Congress Emails Exposed to Takeover

Read more →

Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty software update This article has been indexed from www.infosecurity-magazine.com Read the original article: CrowdStrike Apologizes for IT Outage, Defends Microsoft…

Read more →

CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Ivanti Authentication Bypass Bug Exploited in Wild

Read more →

Arkansas City’s water treatment facility faced a cyber incident on Sunday and has since switched to manual operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Incident Affects Arkansas City Water Treatment Facility

Read more →

Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Shift to JavaScript-Based Phishing Attacks

Read more →

Cybercriminals have been observed disguising Octo2 as legitimate apps like Google Chrome and NordVPN This article has been indexed from www.infosecurity-magazine.com Read the original article: New Octo2 Malware Variant Threatens Mobile Banking Security

Read more →

SonicWall found that data breaches caused by malware attacks on US healthcare organizations have affected 14 million people so far in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: 14 Million Patients Impacted by US Healthcare…

Read more →

The US Commerce Department wants to prohibit the sale or import of connected vehicles with Russian or Chinese-made hardware and software This article has been indexed from www.infosecurity-magazine.com Read the original article: US Mulls Ban on Russian, Chinese Parts in…

Read more →