Category: www.infosecurity-magazine.com

The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces This article has been indexed from www.infosecurity-magazine.com Read the original article: New APT CloudSorcerer Malware Hits Russian Targets

Read more →

Trend Micro said the trojan has been observed masquerading as communications from tax agencies This article has been indexed from www.infosecurity-magazine.com Read the original article: Mekotio Trojan Targets Latin American Banking Credentials

Read more →

Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Warns regreSSHion Vulnerability Impacts Multiple…

Read more →

The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia Blocks VPN Services in Information Crackdown

Read more →

Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Thefts Double to $1.4 Billion, TRM Labs Finds

Read more →

A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises This article has been indexed from www.infosecurity-magazine.com Read the original article: 10 Billion Passwords…

Read more →

The Lithuanian data protection authority has imposed a fine of almost $2.5m on second-hand specialist Vinted for breaching GDPR This article has been indexed from www.infosecurity-magazine.com Read the original article: Vinted Fined €2.3m Over Data Protection Failure

Read more →

The EU’s Digital Europe Programme (DEP) will provide over €210m in funding for cybersecurity and digital skills projects This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Opens Applications for Cybersecurity and Digital Skills Funding

Read more →

Law Enforcement Agencies can’t intercept communications without an agreement disabling PET in home routing This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns of Home Routing Challenges For Lawful Interception

Read more →

The action comes in response to concerns over the company’s updated privacy policy This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Faces Suspension of AI Data Training in Brazil

Read more →

Certik observed the loss of $1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector This article has been indexed from www.infosecurity-magazine.com Read the original article: Over $1bn in Cryptocurrency Lost…

Read more →

Roll20 confirmed its administrative website account was accessed by a “bad actor,” leaving its users’ personal information exposed This article has been indexed from www.infosecurity-magazine.com Read the original article: Gamers’ Data Exposed in RPG Platform Roll20 Breach

Read more →

Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying This article has been indexed from www.infosecurity-magazine.com Read the original article: New Ransomware Group Phones Execs to Extort Payment

Read more →

Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s NCA Leads Major Cobalt Strike Takedown

Read more →

The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a China-based entity This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugins at Risk From Polyfill Library Compromise

Read more →

The vulnerabilities stem from manipulable custom classes in PanelView Plus This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Uncovers Major Flaws in Rockwell PanelView Plus

Read more →

Orange Cyberdefense’s latest Cy-Xplorer report shows a 77% rise in cyber extortion, with SMBs impacted 4.2 times more often than large enterprises This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Extortion Soars: SMBs Hit Four Times…

Read more →

A ThinkCyber survey conducted at Infosecurity Europe 2024 found that half of employees are afraid of reporting security mistakes This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Employees Fear Punishment for Reporting Security Mistakes

Read more →

Payments professionals have highlighted authorized push payment (APP) fraud as the top threat facing businesses and consumers This article has been indexed from www.infosecurity-magazine.com Read the original article: APP Fraud Singled Out as Biggest Financial Crime Threat

Read more →

A new report reveals the hidden mental health toll of ransomware attacks on victims, urging a focus on well-being alongside data and system recovery This article has been indexed from www.infosecurity-magazine.com Read the original article: New RUSI Report Exposes Psychological…

Read more →

Police have arrested 54 suspected members of a vishing group who stole the life savings of scores of victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Dozens of Arrests Disrupt €2.5m Vishing Gang

Read more →

Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Political Spam Surges Threefold For 2024 Election

Read more →

The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: Chrome Update Will Block Entrust Certificates by November 2024

Read more →

Comparitech calculated that the average ransom demand was over $5.2m in the first six months of 2024, with 421 confirmed incidents during this period This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Demands Reach a…

Read more →

The former CEO and COO of a health startup will spend years in jail after conducting a large-scale fraud scheme This article has been indexed from www.infosecurity-magazine.com Read the original article: Health Tech Execs Get Jail Time For $1bn Fraud…

Read more →

Cisco has patched a zero-day vulnerability exploited by a Chinese APT group to compromise Nexus switches This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group

Read more →

The EU Commission said Meta’s pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta’s ‘Pay or Consent’ Data Model…

Read more →

A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical OpenSSH…

Read more →

Evil twin Wi-Fi access points mimicked legitimate networks to capture personal data from unsuspecting victims who mistakenly connected to them This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting…

Read more →

Insurance broker Howden says premiums are falling as security best practice takes hold This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Insurance Premiums Decline as Firms Build Resilience

Read more →

Outsourcer Infosys McCamish Systems has revealed millions of victims were impacted by a ransomware attack last year This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems

Read more →

Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard This article has been indexed from www.infosecurity-magazine.com Read the original article: TeamViewer Cyber-Attack Attributed to Russian APT Midnight…

Read more →

From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Workforce Grows 15% at…

Read more →

Google warned of high levels of activity from Chinese influence operator Dragon Bridge, which is increasingly experimenting with generative AI tools to create content This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Thwarts Over 10,000 Attempts…

Read more →

The data from Bugcrowd also reveals 40% of them think most firms don’t understand breach risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISOs Reveal Firms Prioritize Savings Over Long-Term Security

Read more →

The operation, orchestrated by Interpol, resulted in the arrest of 3950 suspects This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation First Light Seizes $257m in Global Scam Bust

Read more →

A CISA analysis in collaboration with international partners concluded most critical open source projects potentially contain memory safety vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Critical Open Source Projects Contain Memory Unsafe Code

Read more →

The US government is offering up to $10m for information on Amin Timovich Stigal’s location or his malicious cyber activity This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Russian Individual for Pre-Invasion Ukraine Hack

Read more →

Corelight study claims many IT leaders see benefit of GenAI but similar share are concerned about data exposure This article has been indexed from www.infosecurity-magazine.com Read the original article: IT Leaders Split on Using GenAI For Cybersecurity

Read more →

A new report warns that Chinese APT groups are using ransomware to conceal cyber-espionage activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State Actors Use Ransomware to Conceal Real Intent

Read more →

Two authentication bypass vulnerabilities affect Progress Software’s MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway This article has been indexed from www.infosecurity-magazine.com Read the original article: Progress Discloses Two New Vulnerabilities in MOVEit Products

Read more →

A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon This article has been indexed from www.infosecurity-magazine.com Read the original article: Novel Banking Malware Targets Customers in Southeast…

Read more →

A growing number of malware operators have turned to cloud-based command and control servers to deploy malicious campaigns, Fortinet researchers found This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Attackers Turn to Cloud Services to Deploy…

Read more →

Identity-related crimes declined 16% annually in 2023 with the majority related to compromised credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Identity Crime Reports Drop 16% Annually but Job Scams Surge

Read more →

The FBI has urged cryptocurrency scam victims to be on the alert for fraudsters posing as lawyers This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Law Firms Con Victims of Crypto Scams, Warns FBI

Read more →

Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas This article has been indexed from www.infosecurity-magazine.com Read the original article: New Medusa Trojan Variant Emerges with Enhanced Stealth Features

Read more →

According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Sees 230% Rise in Singapore Identity Theft

Read more →

A Thales report found that 44% of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Breaches Impact Nearly Half of…

Read more →

The framework aims to improve automated vulnerability discovery approaches This article has been indexed from www.infosecurity-magazine.com Read the original article: Google’s Naptime Framework to Boost Vulnerability Research with AI

Read more →

CoinStats has revealed a likely state-sponsored attack impacting over 1500 users This article has been indexed from www.infosecurity-magazine.com Read the original article: Suspected North Korean Attack Drains $2m from CoinStats Wallets

Read more →

Levi’s reveals major credential stuffing attack impacting over 72,000 customer accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Credential Stuffing Attack Hits 72,000 Levi’s Accounts

Read more →

The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: Modular Malware Boolka’s BMANAGER Trojan Exposed

Read more →

An earlier publication by Check Point Research had already linked Rafel to the APT-C-35/DoNot Team This article has been indexed from www.infosecurity-magazine.com Read the original article: Android Users Warned of Rising Malware Threat From Rafel RAT

Read more →

The likely Chinese state-sponsored group ran espionage campaigns against Taiwan’s government, academia and diplomacy from Fuzhou, China This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign

Read more →

Polish prosecutors investigating a massive political spying operation have seized Pegasus from a government agency This article has been indexed from www.infosecurity-magazine.com Read the original article: Polish Prosecutors Step Up Probe into Pegasus Spyware Operation

Read more →

UK’s most hazardous nuclear site, Sellafield, has admitted criminal charges related to IT security failings This article has been indexed from www.infosecurity-magazine.com Read the original article: Sellafield Pleads Guilty to Historic Cybersecurity Offenses

Read more →

CISA has informed chemical facilities that its Chemical Security Assessment Tool (CSAT) was infiltrated by a malicious actor, and potentially exfiltrated sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Chemical Facilities Warned of Possible Data…

Read more →

Kaspersky “poses an undue or unacceptable risk to national security,” according to the US Commerce Department’s Bureau of Industry and Security This article has been indexed from www.infosecurity-magazine.com Read the original article: US Bans Kaspersky Over Alleged Kremlin Links

Read more →

Ransomware group Qilin has reportedly published nearly 400GB of data stolen following the attack on NHS provider Synnovis in early June This article has been indexed from www.infosecurity-magazine.com Read the original article: Synnovis Attackers Publish NHS Patient Data Online

Read more →

The LockBit ransomware group returned the fold to launch 176 attacks in May 2024 following a law enforcement takedown, NCC Group found This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Most Prominent Ransomware Actor in May…

Read more →

The French cybersecurity agency has warned that Russian-aligned threat actor has been targeting public organizations for years This article has been indexed from www.infosecurity-magazine.com Read the original article: French Diplomatic Entities Targeted by Russian-Aligned Nobelium

Read more →

A cryptocurrency exchange claims to have been extorted after ‘researchers’ exploited a vulnerability to steal millions This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Firm Kraken Calls the Cops After Researchers Attempt “Extortion”

Read more →

Notorious threat actor IntelBroker is claiming to have stolen data from Apple and AMD This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Claims AMD and Apple Breaches

Read more →

Cyber threat intelligence provider Cyble observed a new malicious QR code phishing campaign targeting Chinese citizens This article has been indexed from www.infosecurity-magazine.com Read the original article: Quishing Campaign Targets Chinese Citizens via Fake Official Documents

Read more →

The G7 nations agree to develop a cybersecurity framework for key technologies used to operate electricity, oil and natural gas systems This article has been indexed from www.infosecurity-magazine.com Read the original article: G7 to Develop Cybersecurity Framework for Energy Sector

Read more →

Hack The Box research claims employee burnout could be costing hundreds of millions in lost productivity This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Burnout Costing Firms $700m+ Annually

Read more →

The Chartered Institute of Information Security has issued a new guide to help firms recruit more talent This article has been indexed from www.infosecurity-magazine.com Read the original article: CIISec Urges Employers to Target Young Talent in Gaming Centers

Read more →

A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 92% of Organizations Hit by Credential…

Read more →

Recorded Future has found that Vortax, a purported virtual meeting software, is actually malicious software spreading three information stealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Meeting Software Spreads macOS Infostealer

Read more →

VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, with patches available for customers This article has been indexed from www.infosecurity-magazine.com Read the original article: VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation

Read more →

Salt Security study finds 23% of organizations suffered a breach via production APIs in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Quarter of Firms Suffer an API-Related Breach

Read more →

Action1 reveals cybercriminals are increasingly targeting NGINX and Citrix load balancers This article has been indexed from www.infosecurity-magazine.com Read the original article: Report Reveals Record Exploitation Rate For Load Balancers

Read more →

Los Angeles County Department of Public Health revealed a data breach impacting more than 200,000 individuals, with personal, medical and financial data potentially stolen This article has been indexed from www.infosecurity-magazine.com Read the original article: Los Angeles Public Health Department…

Read more →

Researchers from the Rochester Institute of Technology introduced a benchmark designed to assess large language models’ performance in cyber threat intelligence applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Academics Develop Testing Benchmark for LLMs in…

Read more →

Meta has delayed plans to train its LLMs using public content shared by adults on Facebook and Instagram following a request by Ireland’s data protection regulator This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Pauses European…

Read more →

New report reveals China’s attempts to access leading AI research for military purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: China Attempted Covert Military Drone Tie-Up With UK University – Report

Read more →

Ransomware attack on an NHS supplier forced the health service to rearrange 1000+ operations and appointments This article has been indexed from www.infosecurity-magazine.com Read the original article: London Ransomware Attack Led to 1500 Cancelled Appointments and Operations

Read more →

Governments should “police the content rather than the technology used to create it,” Matthew Feeney from the Centre for Policy Studies argued in a new paper This article has been indexed from www.infosecurity-magazine.com Read the original article: UK General Election:…

Read more →

Microsoft President Brad Smith told US Congress that the tech giant accepts responsibility for security failings regarding the 2023 China hack This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Admits Security Failings Allowed China to Access…

Read more →

Healthcare firm Ascension said that ransomware attackers gained access to its systems after an employee accidently downloaded a malicious file This article has been indexed from www.infosecurity-magazine.com Read the original article: Ascension Attack Caused by Employee Downloading Malicious File

Read more →

ESET detected five cyber espionage campaigns targeting Android users with trojanized apps deploying ‘AridSpy’ spyware This article has been indexed from www.infosecurity-magazine.com Read the original article: Arid Viper Hackers Spy in Egypt and Palestine Using Android Spyware

Read more →

A series of vulnerabilities could enable an attacker to bypass the Chinese manufacturer’s biometric access systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Kaspersky Finds 24 Flaws in Chinese Biometric Hardware Provider

Read more →

Insurance firm Marsh received over 1800 cyber claim reports from clients in the US and Canada in 2023, higher than any other year This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Insurance Claims Hit Record High…

Read more →

Ukrainian police appear to have arrested a cryptor specialist with links to major ransomware groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukrainian Cyber Police Identify Suspected LockBit and Conti Member

Read more →

The US Cybersecurity and Infrastructure Security Agency has observed an uptick in vishing scams This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns Phone Scammers Are Impersonating its Staff

Read more →

In a new report, WithSecure found that higher severity vulnerabilities in edge services and infrastructure devices are rising fast This article has been indexed from www.infosecurity-magazine.com Read the original article: WithSecure Reveals Mass Exploitation of Edge Software and Infrastructure Appliances

Read more →

GuidePoint has assessed with high confidence that the notorious Scattered Spider group has become an affiliate of RaaS operator RansomHub This article has been indexed from www.infosecurity-magazine.com Read the original article: Scattered Spider Now Affiliated with RansomHub Following BlackCat Exit

Read more →

Bitdefender found that 70% of cybersecurity professionals often have to work weekends to address security concerns at their organization This article has been indexed from www.infosecurity-magazine.com Read the original article: 70% of Cybersecurity Pros Often Work Weekends, 64% Looking for…

Read more →

The ELF backdoor, initially thought to be a variant of existing malware, has a Windows and a Linux version This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Leveraging ‘Noodle RAT’ Backdoor

Read more →

June Patch Tuesday sees Microsoft fix over 50 bugs, including one already publicly disclosed This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patches One Critical and One Zero-Day Vulnerability

Read more →

Dutch authorities reveal that a cyber-espionage campaign using novel “Coathanger” malware was much more extensive than first thought This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese FortiGate Espionage Campaign Snares 20,000+ Victims

Read more →

Phishing campaigns targeting European organizations rose by a staggering 112% between 2023 and 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Attacks Targeting US and European Organizations Double

Read more →

Mandiant warns that a financially-motivated threat actor stole a significant volume of customer data from Snowflake, and is extorting many of the victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Breaches Snowflake Customers, Victims…

Read more →

Two individuals are believed to have used a homemade mobile antenna to send thousands of SMS phishing messages This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Police Arrest Two People for Smishing via Fake Cell Tower

Read more →

Chip giants NVIDIA and Arm have released details of new vulnerabilities including a zero-day bug This article has been indexed from www.infosecurity-magazine.com Read the original article: NVIDIA and Arm Urge Customers to Patch Bugs

Read more →

The ICO and OPC have launched a joint investigation into an October 2023 breach at 23andMe This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and Canadian Privacy Regulators Investigate 23andMe

Read more →

A new Forescout report found that IoT devices containing vulnerabilities surged 136% compared to a year ago, becoming a key focus for attackers This article has been indexed from www.infosecurity-magazine.com Read the original article: IoT Vulnerabilities Skyrocket, Becoming Key Entry…

Read more →

An anonymous 4Chan user is claiming to have shared a trove of source code stolen from the New York Times This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Claims to Leak 270GB of New York…

Read more →

London hospitals continue to suffer the after-effects of a major ransomware attack last week This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS Appeals For Blood and Volunteers After Cyber-Attack

Read more →

The flaw enables attackers to gain control over the AI service by submitting harmful prompts This article has been indexed from www.infosecurity-magazine.com Read the original article: EmailGPT Exposed to Prompt Injection Attacks

Read more →