Category: www.infosecurity-magazine.com

Cybersecurity leaders should prioritize response and recovery over prevention to effectively navigate the ever-evolving threat landscape, according to Gartner analysts This article has been indexed from www.infosecurity-magazine.com Read the original article: #GartnerSEC: Zero Failure Tolerance, A Cybersecurity Myth Holding Back…

Read more →

A new Europol report argues that AI tools could revolutionize policing across the region This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol: GenAI Offers “Treasure Trove of Possibilities”

Read more →

Pavel Durov says he will share details of “bad actors” and clean up Telegram’s search function This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Boss Agrees to Closer Police Cooperation

Read more →

Kryptina, a free Ransomware-as-a-Service tool available on dark web forums, is now being used by Mallox ransomware affiliates This article has been indexed from www.infosecurity-magazine.com Read the original article: Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Read more →

The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerabilities Found in Popular Houzez Theme and Plugin

Read more →

An overall rise in cyber incidents coming from Russian-aligned adversaries in 2024 was accompanied by a decrease in high and critical-severity incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Cyber-Attacks Home in on Ukraine’s Military…

Read more →

The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: LinkedIn Pauses GenAI Training Following ICO Concerns

Read more →

Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter 47 Criminal Crypto Exchanges

Read more →

In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience This article has been indexed from www.infosecurity-magazine.com Read the original article: US Cyberspace Solarium Commission Outlines Ten…

Read more →

A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Skills Gap…

Read more →

The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold This article has been indexed from www.infosecurity-magazine.com Read the original article: Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

Read more →

Infostealer malware and digital identity exposure behind rise in ransomware, researchers find This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data

Read more →

Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group This article has been indexed from www.infosecurity-magazine.com Read the original article: Western Agencies Warn Risk from Chinese-Controlled…

Read more →

A Manchester law firm has filed a lawsuit against outsourcing giant Capita, representing nearly 8000 claimants who were affected by a cyber-attack in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 8000 Claimants Sue Outsourcing Giant…

Read more →

US Schools and libraries have until November 1, 2024 to enrol for a three-year program during which participants will receive discounts on eligible cybersecurity services and equipment This article has been indexed from www.infosecurity-magazine.com Read the original article: FCC $200m…

Read more →

Group-IB claims to have found evidence of a new TeamTNT cryptojacking campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Cryptojacking Gang TeamTNT Makes a Comeback

Read more →

Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually This article has been indexed from www.infosecurity-magazine.com Read the original article: Insecure APIs and Bot Attacks Cost Global Firms $186bn

Read more →

Critical infrastructure security undermined by weakness in email protection, researchers warn This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Infrastructure at Risk From Email Security Breaches

Read more →

Attackers use Google Street View images to put pressure on victims of “sextortion” scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Street View Images Used For Extortion Scams

Read more →

The suspected creator of Ghost, an encrypted communication platform allegedly used by organized crime groups worldwide, has been arrested This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Taskforce Disrupts Global Criminal Network Through Supply Chain Attack

Read more →

Telco giant AT&T will pay the FCC $13m to resolve a cloud breach investigation This article has been indexed from www.infosecurity-magazine.com Read the original article: AT&T Agrees $13m FCC Settlement Over Cloud Data Breach

Read more →

The US Cybersecurity and Infrastructure Security Agency is trying to eradicate cross-site scripting vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Advice to Help Eliminate XSS Bugs

Read more →

CISA project will align cybersecurity polices across the Federal Civilian Executive Branch of US government This article has been indexed from www.infosecurity-magazine.com Read the original article: US Looks to Align Security Across Government

Read more →

Online gambling site, Sky Betting and Gaming, found to have “unlawfully” processed data through advertising cookies This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Acts Against Sky Betting and Gaming Over Cookies

Read more →

83% of organizations use AI to generate code despite rising concerns from security leaders, found a Venafi survey This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Cyber Leaders Fear AI-Generated Code Will Increase Security Risks

Read more →

The CyberBoost: Catalyse is supported by the Cyber Security Agency of Singapore, the National University of Singapore and UK-based innovation hub Plexal This article has been indexed from www.infosecurity-magazine.com Read the original article: Singapore Launches Accelerator for International Cybersecurity Startups

Read more →

The US Treasury has issued more sanctions against directors of notorious spyware developer Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Ramps Up Sanctions on Spyware-Maker Intellexa

Read more →

Cohesity claims ransomware attacks are on the rise in the UK, with 59% of breached firms paying their extortionists This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of Breached UK Firms Pay Ransom

Read more →

A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration testing and incident management are even more scarce This article has been indexed from www.infosecurity-magazine.com Read the original article: Half…

Read more →

White House issues new voluntary commitments to combat image-based sexual abuse in AI This article has been indexed from www.infosecurity-magazine.com Read the original article: White House to Tackle AI-Generated Sexual Abuse Images

Read more →

SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter) This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced Phishing Attacks Put X Accounts at Risk

Read more →

Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could be revealed to other spyware vendors This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple to Drop…

Read more →

Meta has unpaused a project to train AI on Facebook and Instagram posts, despite privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Goes Ahead With Controversial AI Training in UK

Read more →

Under-fire DNA testing firm 23andMe will pay $30m to settle class action lawsuit This article has been indexed from www.infosecurity-magazine.com Read the original article: 23andMe Agrees to $30m Data Breach Settlement

Read more →

Nations participating in the event include the US, Canada, EU countries, India, Japan, Singapore, Ghana and Oman This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Hosts International Cyber Skills Conference

Read more →

An FBI and CISA alert highlighted false claims of breaches of voter registration databases, designed to undermine confidence in US elections This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Actors Spreading False US Voter Registration Breach…

Read more →

Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet This article has been indexed from www.infosecurity-magazine.com Read the original article: Record $65m Settlement for Hacked Patient…

Read more →

Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Vows to Prevent Future CrowdStrike-Like Outages

Read more →

Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: Irish Data Protection Regulator to Investigate Google AI

Read more →

TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people This article has been indexed from www.infosecurity-magazine.com Read the original article: TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

Read more →

Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs This article has been indexed from www.infosecurity-magazine.com Read the original article: Schools Face Million-Dollar Bills as Ransomware Rises

Read more →

Mastercard aims to strengthen its cybersecurity capabilities by acquiring Recorded Future, a leading provider of threat intelligence This article has been indexed from www.infosecurity-magazine.com Read the original article: Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn

Read more →

Lazarus Group has been observed impersonating Capital One staff to lure developers into downloading malware on open source repositories This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Developers in Fresh VMConnect Campaign

Read more →

The UK government has classified data centers as critical infrastructure in a move to protect UK data from cyber-attacks and prevent major IT blackouts This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Recognizes Data Centers as…

Read more →

New FBI data reveals BEC scams have cost businesses more than $55bn since 2013 This article has been indexed from www.infosecurity-magazine.com Read the original article: Business Email Compromise Costs $55bn Over a Decade

Read more →

Endor Labs claims security patches can break underlying open source software 75% of the time This article has been indexed from www.infosecurity-magazine.com Read the original article: Open Source Updates Have 75% Chance of Breaking Apps

Read more →

Excessive use of remote access tools is leaving operational technology devices vulnerable, with even basic security features missing This article has been indexed from www.infosecurity-magazine.com Read the original article: Operational Technology Leaves Itself Open to Cyber-Attack

Read more →

As the US presidential election draws near, polling company Gallup acts to block XSS vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Gallup: Pollster Acts to Close Down Security Threat

Read more →

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) reported a 45% increase in cryptocurrency-related scams in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Scams Reach New Heights, FBI Reports $5.6bn in Losses

Read more →

ISC2 found that the cybersecurity workforce gap is now at 4.8 million, a 19% increase from 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Workforce Gap Rises by 19% Amid Budget Pressures

Read more →

The Polish Supreme Court has ruled that a parliamentary commission investigating the previous government’s use of the Pegasus spyware was unconstitutional This article has been indexed from www.infosecurity-magazine.com Read the original article: Poland’s Supreme Court Blocks Pegasus Spyware Probe

Read more →

The Information Commissioner’s Office and National Crime Agency have cemented ties with a memorandum of understanding This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience

Read more →

September’s Patch Tuesday fix-list features scores of CVEs including four zero-day vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Four Actively Exploited Zero-Days

Read more →

Highline Public Schools in Washington State have now been closed for two days following the incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Highline Public Schools Forced to Close By Cyber-Attack

Read more →

TIDRONE group targets military, drone and satellite industries in Taiwan This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Threat Actors Target Taiwan Military Industry

Read more →

The Justice Department has begun the latest round of fraud reimbursement from the Western Union Remission Fund This article has been indexed from www.infosecurity-magazine.com Read the original article: DoJ Distributes $18.5m to Western Union Fraud Victims

Read more →

Researchers have warned that a critical SonicWall vulnerability is being exploited in ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical SonicWall SSLVPN Bug Exploited By Ransomware Actors

Read more →

Increasingly complex regulations are stretching governance and compliance in organizations, warns the IAPP This article has been indexed from www.infosecurity-magazine.com Read the original article: Technology Causes “Digital Entropy” as Firms Struggle With Governance

Read more →

Distributed denial of service attacks continue to increase, with government the most targeted vertical This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Attacks Double With Governments Most Targeted

Read more →

A cyber-attack on Slim CD, which handles electronic payments for US and Canadian-based merchants, has potentially exposed the credit card details of 1.7 million people This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attack on Payment Gateway…

Read more →

A North Carolina resident made over $10m in unlawful royalty payments by producing hundreds of thousands of fake songs listened to by bots using AI This article has been indexed from www.infosecurity-magazine.com Read the original article: Man Charged in AI-Generated…

Read more →

Rental hire company Avis has notified 300,000 customers of a data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Car Giant Avis Reveals Breach Impacted 300,000 Customers

Read more →

Transport for London has revealed several digital services are suspended after a cyber-attack last week This article has been indexed from www.infosecurity-magazine.com Read the original article: TfL Admits Some Services Are Down Following Cyber-Attack

Read more →

The secret web of at least 435 entities across 42 countries making up the spyware landscape facilitates unpunished security and human rights violations, the Atlantic Council found This article has been indexed from www.infosecurity-magazine.com Read the original article: Spyware Vendors’…

Read more →

The joint government advisory highlighted the cyber activities of Unit 29155, which has launched destructive cyber-attacks against critical infrastructure globally This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Allies Accuse Russian Military of Destructive Cyber-Attacks

Read more →

Revival Hijack Python Package Index supply chain attack threatens 22,000 packages through malicious downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: PyPI Revival Hijack Puts Thousands of Applications at Risk

Read more →

The first legally binding international treaty on AI was adopted by all 46 Council of Europe member states in May 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Signs Council of Europe AI Convention

Read more →

Despite rising threats researchers find a third of firms see flat or falling security budgets and hiring slows This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Budgets Come Under Pressure as “Hypergrowth” Ends

Read more →

A security flaw exploiting side channel attacks means some Yubikeys can be cloned This article has been indexed from www.infosecurity-magazine.com Read the original article: Researcher Finds Unfixable Yet Tricky to Exploit Flaw in Yubikeys

Read more →

Hackers interested in targeting OnlyFans users have themselves been singled out by an infostealing campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: OnlyFans Hackers Targeted With Infostealer Malware

Read more →

The DoJ says Russia paid a US company $10m to post disinformation that attracted millions of views online This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Blamed For Mass Disinformation Campaign Ahead of US Election

Read more →

The US White House Office of the National Cyber Director proposes improving internet security by protecting the Border Gateway Protocol This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government Set Out to Improve Internet Routing Security

Read more →

US law enforcement is tracking aggressive social engineering attacks against cryptocurrency operations This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Targeting Crypto Industry, Says FBI

Read more →

Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Red Teaming Tool Abused for Malware Deployment

Read more →

The US-based facial recognition data company may even have to pay up to €5.1m in penalties for non-compliance This article has been indexed from www.infosecurity-magazine.com Read the original article: Clearview AI Fined €30.5m by Dutch Watchdog Over Illegal Data Collection

Read more →

Cyberint claims that initial access brokers target companies with average revenue of nearly $2bn This article has been indexed from www.infosecurity-magazine.com Read the original article: Initial Access Brokers Target $2bn Revenue Companies

Read more →

UK’s Financial Ombudsman warns fraud and scams hit a record high in Q2 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: APP Fraud Dominates as Scams Hit All-Time High

Read more →

Civil society and journalists’ organizations in Europe ask the EU to take steps to regulate spyware technologies This article has been indexed from www.infosecurity-magazine.com Read the original article: Civil Rights Groups Call For Spyware Controls

Read more →

Researchers say password reset attacks have grown fourfold in the last year and one in four password reset attempts are fraudulent This article has been indexed from www.infosecurity-magazine.com Read the original article: Rapid Growth of Password Reset Attacks Boosts Fraud…

Read more →

Searchlight Cyber observed a 56% rise in active ransomware groups in H1 2024, demonstrating the growing fragmentation of the ransomware landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Active Ransomware Groups Surge by 56% in 2024

Read more →

A variant of the WikiLoader malware was observed being delivered via SEO poisoning and spoofing Palo Alto Networks’ GlobalProtect VPN software This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto’s GlobalProtect VPN Spoofed to Deliver New…

Read more →

Three British men are facing jail after pleading guilty to running an MFA bypass site dubbed “OTP Agency” This article has been indexed from www.infosecurity-magazine.com Read the original article: Three Plead Guilty to Running MFA Bypass Site

Read more →

London’s transport body, TfL, is playing down the impact of a cybersecurity incident on its services This article has been indexed from www.infosecurity-magazine.com Read the original article: TfL Claims Cyber-Incident is Not Impacting Services

Read more →

Fota Wildlife Park in Co Cork has told visitors to its website to cancel credit and debit cards, following a cyber-attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Irish Wildlife Park Warns Customers to Cancel Credit…

Read more →

Agencies under the #Stopransomware banner publish details of RansomHub group’s tactics, indicators of compromise and essential mitigations This article has been indexed from www.infosecurity-magazine.com Read the original article: US Authorities Issue RansomHub Ransomware Alert

Read more →

The Asian country’s law enforcement suspects the instant messaging app of abetting deepfake sex crimes This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korea Police Investigates Telegram Over Deepfake Porn

Read more →

The US FTC has proposed a $2.95m fine for security camera firm Verkada for alleged security failings that allowed hackers to access customers’ video footage This article has been indexed from www.infosecurity-magazine.com Read the original article: Verkada Facing $3m Penalty…

Read more →

Truesec claims new Cicada3301 ransomware-as-a-service group could have ties to ALPHV/BlackCat and Brutus This article has been indexed from www.infosecurity-magazine.com Read the original article: Cicada3301 Ransomware Group Emerges From the Ashes of ALPHV

Read more →

Proofpoint has uncovered a new cyber-espionage campaign deploying new malware dubbed “Voldemort” This article has been indexed from www.infosecurity-magazine.com Read the original article: Scores of Organizations Hit By Novel Voldemort Malware

Read more →

Forescout highlighted a 43% increase in published vulnerabilities in H1 2024, with attackers targeting flaws in VPNs and network infrastructure for initial access This article has been indexed from www.infosecurity-magazine.com Read the original article: Published Vulnerabilities Surge by 43%

Read more →

In a campaign targeting Mongolian government websites, Russian-backed APT29 leveraged exploits previously used by spyware vendors NSO Group and Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Use Commercial Spyware Exploits to Target Victims

Read more →

North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Launch New Wave of npm Package Attacks

Read more →

BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackByte Adopts New Tactics, Targets ESXi Hypervisors

Read more →

Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant This article has been indexed from www.infosecurity-magazine.com Read the original article: Unpatched CCTV Cameras Exploited to Spread Mirai Variant

Read more →

Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts This article has been indexed from www.infosecurity-magazine.com Read the original article: Surge in New Scams as Pig Butchering Dominates

Read more →

CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017 This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Hackers Secretly Aid Ransomware Attacks on US

Read more →

A virtual machine specialist was arrested after a foiled data extortion plot targeting his former employer This article has been indexed from www.infosecurity-magazine.com Read the original article: IT Engineer Charged For Attempting to Extort Former Employer

Read more →

Ransomware attacks on US schools and colleges have surged, with 491 incidents since 2018, affecting over 8000 institutions This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Exposed 6.7 Million Records in US Schools

Read more →

LummaC2, a C-based MaaS tool first identified in 2022, has resurfaced to exfiltrate credentials and personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics

Read more →

The hacking subsidiary of the Iranian Islamic Revolutionary Guard Corps (RGC) has targeted satellite, communications, oil and gas and government sectors in the US and UAE This article has been indexed from www.infosecurity-magazine.com Read the original article: Iran-Backed Peach Sandstorm…

Read more →