Category: www.infosecurity-magazine.com

KPMG research finds money laundering accounted for the majority of fraud cases heard in the first half of 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Money Laundering Dominates UK Fraud Cases

Read more →

ESET uncovers a South Korean cyber-espionage campaign featuring a zero-day exploit for WPS Office This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korean Spies Exploit WPS Office Zero-Day

Read more →

The flaw in Microsoft 365 Copilot allowed data theft using ASCII smuggling and prompt injection This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft 365 Copilot Vulnerability Exposes User Data Risks

Read more →

The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members This article has been indexed from www.infosecurity-magazine.com Read the original article: MOVEit Hack Exposed Personal Data of Half Million…

Read more →

A US Justice Department watchdog has found “significant weaknesses” in the FBI’s physical and online media storage and disposal processes This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Flawed Data Handling Raises Security Concerns

Read more →

The Port of Seattle revealed system outages at the city’s airport may have been caused by a cyber-attack, affecting early Labor Day travel This article has been indexed from www.infosecurity-magazine.com Read the original article: Suspected Cyber-Attack Causes Travel Chaos at…

Read more →

The Dutch data protection regulator has imposed a €290m GDPR fine on Uber for storing driver data in the US without adequate safeguards This article has been indexed from www.infosecurity-magazine.com Read the original article: Uber Hit With €290m GDPR Fine

Read more →

AppOmni report claims number of companies suffering SaaS-related data breaches has jumped five percentage points over past year This article has been indexed from www.infosecurity-magazine.com Read the original article: A Third of Organizations Suffer SaaS Data Breaches

Read more →

Greasy Opal is a Czech Republic-based hacking group selling products that can be used for deploying cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals

Read more →

The National Security Agency has published a guide to help organizations defend against APT attacks that leverage living off the land techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: NSA Releases Guide to Combat Living Off…

Read more →

The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zero-day exploit This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware

Read more →

The US government has filed a lawsuit against Georgia Tech for alleged cybersecurity violations as a Department of Defense contractor This article has been indexed from www.infosecurity-magazine.com Read the original article: Georgia Tech Sued Over Cybersecurity Violations

Read more →

Browser credential harvesting is an unusual activity for a ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: Qilin Caught Red-Handed Stealing Credentials in Google Chrome

Read more →

YouTube’s new AI troubleshooting tool is designed to help users recover and secure their accounts after they’ve been hacked This article has been indexed from www.infosecurity-magazine.com Read the original article: YouTube Launches AI Tool to Recover Hacked Accounts

Read more →

Liverpool fans were the most frequent and highest-value targets for ticket scams last season, losing over £17,000 to fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: Liverpool Fans Lose Big in Premier League Ticket Scams

Read more →

Cthulhu Stealer targets macOS, posing a major threat by disguising as legitimate software via DMG files This article has been indexed from www.infosecurity-magazine.com Read the original article: Cthulhu Stealer Malware Targets macOS With Deceptive Tactics

Read more →

The US FAA has proposed new rules for aircraft to address cyber vulnerabilities caused by the increased interconnectivity of critical systems This article has been indexed from www.infosecurity-magazine.com Read the original article: FAA Admits Gaps in Aircraft Cybersecurity Rules: New…

Read more →

The United States bore most of these cyber-threats, with a 46.15% rise in attacks compared to 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 3400 High and Critical Cyber Alerts Recorded in First Half of…

Read more →

FCC charges Lingo Telecom with $1m fine over voice deepfake during the 2024 New Hampshire primary election This article has been indexed from www.infosecurity-magazine.com Read the original article: Company Fined $1m for Fake Joe Biden AI Calls

Read more →

ESET claims new NGate Android malware relays NFC data to steal card details for ATM cash-out This article has been indexed from www.infosecurity-magazine.com Read the original article: Novel Android Malware Steals Card NFC Data For ATM Withdrawals

Read more →

The donation websites of the UK’s seven major political parties are missing critical security features to protect the accounts of donors, according to DataDome This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Flaws in UK Political…

Read more →

Quarklabs researchers claim millions of contactless key cards could be cloned via a backdoor This article has been indexed from www.infosecurity-magazine.com Read the original article: Backdoor in Mifare Smart Cards Could Open Doors Around the World

Read more →

The LiteSpeed Cache flaw may expose millions of WordPress sites to severe security risks This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical LiteSpeed Cache Plugin Flaw Exposes WordPress Sites

Read more →

The MoonPeak RAT as used by UAT-5394 showed a possible connection to North Korean threat Kimsuky This article has been indexed from www.infosecurity-magazine.com Read the original article: New MoonPeak RAT Linked to North Korean Threat Group UAT-5394

Read more →

Oregon Zoo revealed that an unauthorized actor potentially obtained payment card information used in transactions over six months This article has been indexed from www.infosecurity-magazine.com Read the original article: Oregon Zoo Warns Over 100,000 Customers of Payment Card Compromise

Read more →

Australia’s data protection watchdog has decided to stop its investigation into US facial recognition company Clearview AI This article has been indexed from www.infosecurity-magazine.com Read the original article: Australia Calls Off Clearview AI Investigation Despite Lack of Compliance

Read more →

The building, located in Washington, DC, will be the new home of the US Cybersecurity and Infrastructure Security This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA to Get New Headquarters as $524M Contract Awarded

Read more →

Healthcare has been the most targeted sector according to Barracuda analysis of 200 reported ransomware incidents from August 2023 to July 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Healthcare Hit by a Fifth of Ransomware…

Read more →

Malwarebytes report warns security teams to be on high alert for ransomware attacks at night This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Ransomware Attacks Now Happen at Night

Read more →

US chip firm Microchip reveals operational disruption stemming from cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Microchip Technology Says IT Incident Impacted Operations

Read more →

ESET detected a new phishing technique using progressive web applications (PWAs) as part of a large-scale mobile financial scam This article has been indexed from www.infosecurity-magazine.com Read the original article: Novel Phishing Method Used in Android/iOS Financial Fraud Campaigns

Read more →

The Msupedge backdoor communicates with a command-and-control server by using DNS traffic This article has been indexed from www.infosecurity-magazine.com Read the original article: New DNS-Based Backdoor Threat Discovered at Taiwanese University

Read more →

TA453, also known as Charming Kitten, launched a targeted phishing attack using PowerShell malware BlackSmith This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Group TA453 Launches Phishing Attacks with BlackSmith

Read more →

Ukraine detected cyber-attacks using malicious emails containing photos of alleged prisoners of war from the Kursk direction This article has been indexed from www.infosecurity-magazine.com Read the original article: Vermin Cyber-Attacks Target Ukraine, Exploiting Kursk Battle

Read more →

The ODNI, FBI and CISA confirmed Iran was behind a reported hack of a Trump campaign website as part of efforts to stoke discord and undermine the US elections This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

Healthcare organization Jewish Home Lifecare has revealed that a 2024 data breach hit over 100,000 customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach

Read more →

Former US Representative George Santos pleads guilty to multiple fraud and identity theft charges This article has been indexed from www.infosecurity-magazine.com Read the original article: Former Congressman Santos Admits Identity Theft and Fraud

Read more →

The FBI and CISA said ransomware on local networks may cause delays but won’t impact voting system integrity This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI and CISA Assure Public on Election Ransomware Security

Read more →

Xeon Sender features SMS spam via APIs, Nexmo/Twilio credentials validation and phone number generation This article has been indexed from www.infosecurity-magazine.com Read the original article: New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks

Read more →

Cisco Talos researchers found a flaw in eight Microsoft apps for macOS that could enable library injection attacks, putting sensitive data at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Apps for macOS Exposed to…

Read more →

Cyber insurance claims in the UK have fallen by over a third between 2022 and 2024 as businesses refuse ransom payments This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Resilience Drives Down Cyber Insurance Claims

Read more →

The UK’s National Cyber Security Centre wants prospective auditors to check compliance with its Cyber Assessment Framework This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Opens Cyber Resilience Audit Scheme to Applicants

Read more →

Employees at crypto firm Unicoin couldn’t access Google services for four days during a recent breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Unicoin Staff Locked Out of G-Suite in Mystery Attack

Read more →

Two Congressmen fear that the Chinese government might use TP-Link Wi-Fi routers to deploy hacking and espionage campaigns in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi…

Read more →

Microsoft is mandating MFA for all Azure sign-ins, with customers given 60-day advance notices to start implementation This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Mandates MFA for All Azure Sign-Ins

Read more →

The US data broker did not address the threat actor’s claim that the breach concerns 2.9 billion records This article has been indexed from www.infosecurity-magazine.com Read the original article: Florida-Based National Public Data Confirms Data Breach

Read more →

Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions This article has been indexed from www.infosecurity-magazine.com Read the original article: Geopolitical Tensions Drive Explosion in DDoS Attacks

Read more →

166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-criminals Exploited Paris Olympics With Fake Domains

Read more →

Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced ValleyRAT Campaign Hits Windows Users in China

Read more →

Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia’s FSB Behind Massive Phishing Espionage Campaign

Read more →

Ransom payments in the first half of 2024 hit $460m, according to Chainalysis This article has been indexed from www.infosecurity-magazine.com Read the original article: Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

Read more →

Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

Read more →

SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk This article has been indexed from www.infosecurity-magazine.com Read the original article: SolarWinds Urges Upgrade After Revealing Critical RCE Bug

Read more →

The phishing attack uses infostealer malware to target saved passwords, credit cards & Bitcoin info This article has been indexed from www.infosecurity-magazine.com Read the original article: New Phishing Attack Uses Sophisticated Infostealer Malware

Read more →

Manufacturing firm Orion revealed it has lost $60m in a business email compromise (BEC) scam, which targeted a non-executive employee This article has been indexed from www.infosecurity-magazine.com Read the original article: Manufacturing Firm Loses $60m in BEC Scam

Read more →

CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103 This article has been indexed from www.infosecurity-magazine.com Read the original article: Research Uncovers New Microsoft Outlook Vulnerability

Read more →

Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot

Read more →

A cyber-attack has hit several boroughs across Greater Manchester, England, leaving thousands of residents vulnerable to a phishing scam This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas

Read more →

The UK’s National Cyber Security Centre wants to test the effectiveness of cyber-deception tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative

Read more →

Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Nine Zero-Days on Patch Tuesday

Read more →

In a Monday filing with the ASX, Evolution Mining stated that the incident was contained This article has been indexed from www.infosecurity-magazine.com Read the original article: Gold Mining Firm in Australia Reports Ransomware Breach

Read more →

NIST has formalized three post-quantum cryptographic algorithms, with organizations urged to start the transition to quantum-secure encryption immediately This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Formalizes World’s First Post-Quantum Cryptography Standards

Read more →

The EVIT breach exposed the data of 208,717 individuals, including students, faculty and parents This article has been indexed from www.infosecurity-magazine.com Read the original article: East Valley Institute of Technology Data Breach Exposes Over 200,000 Records

Read more →

CERT-UA has warned that a mass phishing campaign impersonating Ukraine’s Security Services has infected more than 100 government devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Compromises 100+ Ukrainian Government Computers

Read more →

Belarusian national Maksim Silnikau, who was operating under the ‘J.P. Morgan’ moniker, is believed to be one of the world’s most prolific Russian-speaking cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolific Belarusian Cybercriminal Arrested in…

Read more →

South Korea’s People Power Party calls for new legislation after data on spy planes and tanks is hacked by North Korea This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korea Warns Pyongyang Has Stolen Spy Plane…

Read more →

The FBI and other law enforcers claim to have disrupted the Radar/Dispossessor ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Leads Effort to Dismantle Radar/Dispossessor Ransomware

Read more →

The CVE-2024-6768 flaw in the Windows CLFS.sys driver can lead to BSOD This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability in Windows Driver Leads to System Crashes

Read more →

Firms are introducing 300 services monthly, contributing to 32% of high or critical cloud exposures This article has been indexed from www.infosecurity-magazine.com Read the original article: High-Risk Cloud Exposures Surge Due to Rapid Service Growth

Read more →

DARPA awards $14 million to seven teams competing to develop AI systems capable of identifying and patching vulnerabilities in open-source software This article has been indexed from www.infosecurity-magazine.com Read the original article: DARPA Awards $14m to Seven Teams in AI…

Read more →

Many stakeholders said the future UN convention could allow authoritarian countries to stifle political opposition and violate human rights This article has been indexed from www.infosecurity-magazine.com Read the original article: UN Adopts Controversial Cybercrime Treaty

Read more →

Microsoft claims Iran is ramping up election interference activity in the US, as Trump campaign claims it was hacked This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Reveals Iranian US Election Interference Ops

Read more →

Arthur Petrov is accused of exporting US chips for manufacturers supplying weaponry and equipment to the Russian military This article has been indexed from www.infosecurity-magazine.com Read the original article: Man in Dock Accused of Breaking Hi-Tech Export Controls

Read more →

CISA Director Jen Easterly calls on organizations to drive cybersecurity improvements through a ‘Secure by Demand’ approach This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CISA Encourages Organizations to Adopt a ‘Secure by Demand’ Strategy

Read more →

Leading AI companies have formed the Coalition for Secure AI (CoSAI) to address the growing cybersecurity risks posed by artificial intelligence This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CoSAI, Combating AI Risks Through Industry Collaboration

Read more →

One primary concern is that the tool might turn ChatGPT users away from the product This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenAI Leadership Split Over In-House AI Watermarking Technology

Read more →

ReliaQuest found that Rclone, WinSCP and cURL were the top three data exfiltration tools utilized by threat actors over the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Favor Rclone, WinSCP and cURL…

Read more →

CISA Director Jen Easterly expressed strong confidence in the integrity of US election, despite ongoing cybersecurity threats to democratic processes This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CISA Director Confident in US Election Security

Read more →

A ransomware tabletop exercise was conducted against a fictious hospital, aiming to educate attendees of how to fight against such threats This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Ransomware Drill Targets Healthcare in Operation 911

Read more →

After months of investigation, the SEC decided not to recommend any enforcement action against software provider Progress regarding the supply chain attack This article has been indexed from www.infosecurity-magazine.com Read the original article: SEC Investigation into Progress MOVEit Hack Ends…

Read more →

The LOTS attack uses trusted sites like Google Drawings and WhatsApp to trick users into sharing data This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Attack Exploits Google, WhatsApp to Steal Data

Read more →

Kimsuky was observed phishing university staff to steal valuable research for North Korea This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Kimsuky Launch Phishing Attacks on Universities

Read more →

CISA and FBI report claims the BlackSuit ransomware collective has extracted at least $500m from victims This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackSuit/Royal Ransomware Group Has Demanded $500m

Read more →

Hackers stole $12m in virtual currency from Ronin Network, which has previously suffered a massive $620m heist This article has been indexed from www.infosecurity-magazine.com Read the original article: Ethical Hackers Steal and Return $12m to Ronin Network

Read more →

US cybersecurity officials warn that the recent CrowdStrike outage serves as a stark reminder of potential widespread disruptions from cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led…

Read more →

A surge in new ransomware groups is fueling the cybercrime epidemic as financial incentives outweigh risks for attackers, despite law enforcement efforts This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: New Ransomware Groups Emerge Despite Crackdowns

Read more →

The Irish data protection watchdog accuses X Corp’s European subsidiary of breaching GDPR with Grok AI training This article has been indexed from www.infosecurity-magazine.com Read the original article: Ireland’s DPC Takes Twitter to Court Over AI User Data Concerns

Read more →

Microsoft 365’s anti-phishing tip can be hidden via CSS, as shown by Certitude’s Moody and Ettlinger This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft 365 Phishing Alert Can Be Hidden with CSS

Read more →

The CISA guidance prioritizes product security alongside the manufacturer’s enterprise security This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Releases Guide to Enhance Software Security Evaluations

Read more →

Boards need to understand where and why AI is being deployed within their organizations in order to mitigate risks This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: The Board Needs to Understand AI Deployment Risks

Read more →

DARPA’s AI Cyber Challenge is enlisting AI to fight software vulnerabilities, with the healthcare sector closely watching the semi-finals as a potential solution to rising cyber threats This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: DARPA’s…

Read more →

A new study from the Chartered Management Institute finds just half of firms offer regular security training This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Managers Improve Cyber Knowledge but Staff Lack Training

Read more →

The UK’s ICO wants to fine NHS partner Advanced £6m for failures that led to a major ransomware breach This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Prepares £6m Fine for NHS Supplier Advanced

Read more →

Of the 17.8m phishing emails detected, 62% bypassed DMARC checks and 56% evaded all security layers This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: 17.8m Phishing Emails Detected in First Half of 2024

Read more →

Only 0.91% of vulnerabilities of the reported CVEs were weaponized, but represent the most severe risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CVEs Surge 30% in 2024, Only 0.91% Weaponized

Read more →

A new survey reveals that organizations are suffering an average of eight ransomware incidents per year and paying millions in ransom This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Ransom Payments Surge, Organizations Pay Average of…

Read more →

SecurityScorecard claims almost all of the world’s biggest public companies are connected to a supply chain breach This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: 99% of Global 2000 Firms Have Recently Breached Vendors

Read more →

Singapore’s Ministry of Education ordered the removal of Mobile Guardian from students’ Chromebooks and iPads after a cybersecurity breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Guardian Hack Leads to 13,000 Student Devices Wiped in…

Read more →

The Grand Palais is among French museums hit by ransomware attacks as the Paris 2024 Summer Olympic Games are underway This article has been indexed from www.infosecurity-magazine.com Read the original article: French Museums Hit By Ransomware Attack

Read more →

Interpol claims intervention saved one Singapore firm $42m stolen by scammers This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Recover Over $40m Headed to BEC Scammers

Read more →