Category: www.infosecurity-magazine.com

OpenSSF, in collaboration with the US Government, has developed Protobom, a open source tool designed to simplify SBOM management for organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government and OpenSSF Partner on New SBOM…

Read more →

This year’s EU elections will be a stress test to see whether the newly adopted Digital Services Act can efficiently mitigate misinformation threats This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Elections: Pro-Russian Propaganda Exploits Meta’s…

Read more →

Ivanti has fixed two critical vulnerabilities in its Avalanche MDM product which could lead to remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Ivanti Patches Two Critical Avalanche Flaws in Major Update

Read more →

Cifas reveals 14% rise in dishonest employees, driven mainly by financial necessity last year This article has been indexed from www.infosecurity-magazine.com Read the original article: Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites

Read more →

WithSecure researchers said it is likely Russian state group Sandworm has added a novel backdoor dubbed ‘Kapeka’ to its arsenal This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Sandworm Group Using Novel Backdoor to Target Ukraine…

Read more →

According to Pentera, firms are allocating 13% of their total IT security budgets to pentesting This article has been indexed from www.infosecurity-magazine.com Read the original article: Report Suggests 93% of Breaches Lead to Downtime and Data Loss

Read more →

Orca Security said the issue mirrors a previously identified vulnerability in Azure CLI This article has been indexed from www.infosecurity-magazine.com Read the original article: LeakyCLI Flaw Exposes AWS and Google Cloud Credentials

Read more →

An open letter signed by 50 cybersecurity practitioners requires the US Congress to support NIST in restoring operations at the National Vulnerability Database This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Pros Urge US Congress to…

Read more →

New Check Point data found Microsoft was impersonated in 38% of all brand phishing attacks in Q1 2024, up from 33% in Q4 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Most Impersonated Brand in…

Read more →

Two open source organizations have revealed attempts to socially engineer project takeovers This article has been indexed from www.infosecurity-magazine.com Read the original article: Open Source Leaders Warn of XZ Utils-Like Takeover Attempts

Read more →

Malicious bots now represent a third of all internet traffic, says Imperva This article has been indexed from www.infosecurity-magazine.com Read the original article: Bad Bots Drive 10% Annual Surge in Account Takeover Attacks

Read more →

An international team of researchers published the first-ever index ranking countries by cybercrime threat level This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia and Ukraine Top Inaugural World Cybercrime Index

Read more →

Kaspersky also uncovered the use of the SessionGopher script to extract saved passwords This article has been indexed from www.infosecurity-magazine.com Read the original article: New LockBit Variant Exploits Self-Spreading Features

Read more →

Designated CVE-2024-3400 and with a CVSS score of 10.0, the flaw enables unauthorized actors to execute arbitrary code on affected firewalls This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Networks Zero-Day Flaw Exploited in Targeted…

Read more →

Nexperia confirmed its IT servers were accessed by attackers, with the Dunghill ransomware group claiming to have stolen chip designs and other sensitive documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Chipmaker Giant Nexperia Confirms Cyber-Attack…

Read more →

The Feds have received thousands of complaints about phishing texts from fake road toll collection services This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Warns of Massive Toll Services Smishing Scam

Read more →

Nine arrests and millions of euros seized in bid to bust JuicyFields investment scammers This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Swoop on €645m Cannabis Investment Fraud Gang

Read more →

The breach affecting business analytics provider Sisense could lead to a wide-scale supply chain attack This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Immediate Credential Reset After Sisense Breach

Read more →

A fix for CVE-2024-3400 is scheduled on April 4, Palo Alto Networks announced This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Networks Warns About Critical Zero-Day in PAN-OS

Read more →

The revision points out companies like NSO Group, known for surveillance tools like Pegasus This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Boosts Spyware Alerts For Mercenary Attacks

Read more →

These records belonged to Dublin-based iCabbi, a dispatch and fleet management technology provider This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Breach Exposes 300k Taxi Passengers’ Information

Read more →

A new cyber espionage campaign, called ‘eXotic Visit,’ targeted Android users in South Asia via seemingly legitimate messaging apps This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android Espionage Campaign Spotted in India and Pakistan

Read more →

Distribution vectors of the Raspberry Robin worm now include Windows Script Files (WSF) alongside other methods like USB drives This article has been indexed from www.infosecurity-magazine.com Read the original article: Raspberry Robin Distributed Through Windows Script Files

Read more →

Checkmarx warns of GitHub search result manipulation designed to promote malicious repositories This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Game GitHub Search to Spread Malware

Read more →

The number of publicly reported data breaches and leaks grew 90% in the first three months of the year This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Reports Surge 90% Annually in Q1

Read more →

Proofpoint said it is the first time this threat actor has been seen using LLM-generated PowerShell scripts This article has been indexed from www.infosecurity-magazine.com Read the original article: Rhadamanthys Malware Deployed By TA547 Against German Targets

Read more →

The issues identified permit unauthorized access to the TV’s root system by bypassing authorization mechanisms This article has been indexed from www.infosecurity-magazine.com Read the original article: LG TV Vulnerabilities Expose 91,000 Devices

Read more →

A WiCyS report detailed the causes of disparities in the experiences of women working in cybersecurity compared to men, including respect and exclusion This article has been indexed from www.infosecurity-magazine.com Read the original article: Women Experience Exclusion Twice as Often…

Read more →

A flaw in the Rust standard library exposes Windows systems to command injection attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Windows: New ‘BatBadBut’ Rust Vulnerability Given Highest Severity Score

Read more →

The DoJ says it has seized $1.4bn and charged 3500 defendants in COVID fraud cases since 2021 This article has been indexed from www.infosecurity-magazine.com Read the original article: US Claims to Have Recovered $1.4bn in COVID Fraud

Read more →

April’s Patch Tuesday saw fixes for 150 CVEs, including two being actively exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patches 150 Flaws Including Two Zero-Days

Read more →

The UK Government’s latest Cyber Security Breaches Survey found a large increase in the proportion of businesses impacted by a cyber-attack or breach in the past 12 months This article has been indexed from www.infosecurity-magazine.com Read the original article: Half…

Read more →

Mandiant research details how Chinese espionage groups are deploying new tools post-exploitation of recently patched Ivanti vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

Read more →

Wiz researchers found architecture flaws in generative AI models available on the AI hub Hugging Face This article has been indexed from www.infosecurity-magazine.com Read the original article: Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft

Read more →

A Microsoft report found that China-affiliated actors are publishing AI-generated content on social media to amplify controversial domestic issues in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: China Using AI-Generated Content to Sow Division…

Read more →

A Trend Micro report shows a clear drop in the number of actual infections associated with the LockBit ransomware following Operation Cronos This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Scrambles After Takedown, Repopulates Leak Site…

Read more →

A state of emergency was declared, caused by operational inconsistencies across digital infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Jackson County IT Systems Hit By Ransomware Attack

Read more →

First found in 2019, JSOutProx combines JavaScript and .NET functionalities to infiltrate systems This article has been indexed from www.infosecurity-magazine.com Read the original article: New JSOutProx Malware Targets Financial Firms in APAC, MENA

Read more →

Leicester City Council confirmed around 25 sensitive documents have been leaked online, including personal ID information, following claims by the Inc Ransom gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Leicester Council Confirms Confidential Documents Leaked…

Read more →

Infosecurity Europe 2024 will feature a keynote presentation by deepfake expert Henry Ajder, exploring the implications of generative AI on cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Deepfake Expert Henry Ajder to Keynote Infosecurity Europe…

Read more →

Threat actor IntelBroker claims to have classified intelligence stolen from US government tech supplier Acuity This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Claims Classified Five Eyes Data Theft

Read more →

UK privacy regulator, the ICO, urges social media and video sharing firms to do more to protect children’s data This article has been indexed from www.infosecurity-magazine.com Read the original article: Firms Must Work Harder to Guard Children’s Privacy, Says UK…

Read more →

A report has highlighted multiple security failings by Microsoft that allowed Chinese threat actors to access US government officials’ email accounts in the Summer of 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Safety Review…

Read more →

The compromised data includes names or other identifying information in combination with driver’s license numbers This article has been indexed from www.infosecurity-magazine.com Read the original article: Prudential Financial Notifies 36,000 Individuals of Data Breach

Read more →

The findings from Netskope also show a shift in the retail sector’s use of cloud applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Prevalent in Retail Sector Cybercrime Trends

Read more →

The UK and the US have signed a partnership to coordinate the work of their respective AI Safety Institutes This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and US to Build Common Approach on AI Safety

Read more →

Sophos reveals “unprecedented” levels of RDP compromise in ransomware attacks in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: RDP Abuse Present in 90% of Ransomware Breaches

Read more →

Proofpoint has spotted a new infostealer campaign using malicious links in YouTube video descriptions This article has been indexed from www.infosecurity-magazine.com Read the original article: YouTube Video Game ‘Hacks’ Contain Malware Links

Read more →

The telecommunications giant said that the published dataset comprises information from 2019 or earlier This article has been indexed from www.infosecurity-magazine.com Read the original article: AT&T Confirms 73 Million Customer Data Breach Linked to Dark Web

Read more →

Kaspersky said cybercriminals harvested 50.9 login credentials per infected device in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Report Sevenfold Increase in Data Theft Cases

Read more →

A backdoor in XZ Utils, a widely used file-compressing software in Linux systems, could have led to a critical supply chain attack had a Microsoft researcher not spotted it in time This article has been indexed from www.infosecurity-magazine.com Read the…

Read more →

Hundreds of Indians forced into cybercrime by Cambodian gangs have been rescued This article has been indexed from www.infosecurity-magazine.com Read the original article: Indian Authorities Rescue Hundreds Trafficked For Cybercrime

Read more →

FTC figures reveal a three-fold increase in losses from impersonation scams over the past three years This article has been indexed from www.infosecurity-magazine.com Read the original article: Impersonation Scams Net Fraudsters $1.1bn in a Year

Read more →

CISA has revealed the first draft for an update of the Cyber Incident Reporting for Critical Infrastructure (CIRCIA) Act of 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Launches New Cyber Incident Reporting Rules for…

Read more →

The US Treasury report sets out recommendations for financial institutions on addressing immediate AI-related operational risk, cybersecurity and fraud challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: US Treasury Urges Financial Sector to Address AI Cybersecurity…

Read more →

After weeks of speculation, NIST has finally confirmed its intention to establish an industry consortium to develop the NVD in the future This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Unveils New Consortium to Operate its…

Read more →

After months of speculation, NIST has finally confirmed its intention to establish an industry consortium to develop the NVD in the future This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Unveils New Consortium to Manage its…

Read more →

Flashpoint recorded a 34.5% rise in reported data breaches in 2023, with ransomware a major driver of this increase This article has been indexed from www.infosecurity-magazine.com Read the original article: 17 Billion Personal Records Exposed in Data Breaches in 2023

Read more →

Beaming research reveals that nearly half of UK SMEs have lost data since 2019, costing billions This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of British SMEs Have Lost Data in Past Five Years

Read more →

A rising volume of calls to the Scottish Cyber and Fraud Centre highlights surging threat levels This article has been indexed from www.infosecurity-magazine.com Read the original article: Calls to Incident Response Helpline Double in a Year

Read more →

NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS Trust Confirms Clinical Data Leaked by “Recognized…

Read more →

Google detected nearly 100 zero-day vulnerabilities exploited in the wild in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Zero-Day Vulnerabilities Surged by Over 50% Annually, Says Google

Read more →

Cisco scored just 3% of organizations as having a ‘mature’ level of readiness to cyber threats, a significant decline from the previous year This article has been indexed from www.infosecurity-magazine.com Read the original article: Only 3% of Businesses Resilient Against…

Read more →

Palo Alto Networks’ Unit 42 observed two Chinese-affiliated APT groups recently conducting cyber espionage campaigns targeting ASEAN organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Target ASEAN Entities in Espionage Campaign

Read more →

British police have swooped on 400 fraud suspects and seized £19m This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Law Enforcers Arrest 400 in Major Fraud Crackdown

Read more →

The Diligent and Bitsight report found that stronger cybersecurity measures equate to significantly higher financial performance for businesses This article has been indexed from www.infosecurity-magazine.com Read the original article: Only 5% of Boards Have Cybersecurity Expertise, Despite Financial Benefits

Read more →

The cryptocurrency-powered iris-scanning project led by OpenAI CEO Sam Altman must halt collecting data for 90 days in Portugal This article has been indexed from www.infosecurity-magazine.com Read the original article: Portugal Forces Sam Altman’s Worldcoin to Stop Collecting Biometric Data

Read more →

The US Treasury has designated several Russian blockchain and virtual currency firms for sanctions evasion This article has been indexed from www.infosecurity-magazine.com Read the original article: US Targets Crypto Firms Aiding Russia Sanctions Evasion

Read more →

The US government wants developers to get serious about tackling SQL injection bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Urge Renewed Effort to Eliminate SQL Injection Flaws

Read more →

Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns

Read more →

The UK’s NCSC assesses that China-backed APT31 was “almost certainly” responsible for hacking the email accounts of UK parliamentarians This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Blames China for 2021 Hack Targeting Millions of Voters’…

Read more →

Kaspersky’s findings revealed phishing pages posing as vendors, enticing users with discounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams

Read more →

Law enforcers have arrested nine suspected members of a prolific cyber-fraud gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Bust Multimillion-Dollar Holiday Fraud Gang

Read more →

Mandiant observes what it claims is the first ever APT29 campaign aimed at political parties This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Cozy Bear Group Targets German Politicians

Read more →

SentinelLabs researchers identified the malware as a new variant of AcidRain, which shut down thousands of Viasat satellites in Ukraine and Western Europe in 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: New AcidPour Wiper Targeting…

Read more →

The joint advisory sets out how to mitigate and respond to DDoS attacks, limiting disruption to critical services This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government Releases New DDoS Attack Guidance for Public Sector

Read more →

The campaign notably included attempts to impersonate legitimate media outlets This article has been indexed from www.infosecurity-magazine.com Read the original article: US Treasury Targets Russian Entities in Cyber Influence Campaign

Read more →

The US House of Representatives approved the new bill with an overwhelming vote of 414-0 This article has been indexed from www.infosecurity-magazine.com Read the original article: US Legislation Targets Data Sharing With Foreign Adversaries

Read more →

Most decision-makers have experienced API security problems over the past year, yet many haven’t invested in a robust API security strategy, Fastly reveals This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Leaders Acknowledge API Security Gaps…

Read more →

The ICO said it is assessing the reported breach of Kate Middleton’s medical records at The London Clinic This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Probes Kate Middleton Medical Record Breach

Read more →

Secureworks is warning of fake obituary sites which expose visitors to fake AV scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Obituary Sites Send Grievers to Porn and Scareware Pages

Read more →

The Synacktiv team won its second Tesla car for finding one of 19 zero-day bugs on the first day of Pwn2Own Vancouver This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Researchers Win Second Tesla At Pwn2Own

Read more →

The agency has issued a fact sheet about the threat actor, emphasizing the importance of cyber-risk as a core business concern This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns Critical Infrastructure Leaders of Volt Typhoon

Read more →

Thales latest report also suggests less than half of organizations have a formal ransomware response plan This article has been indexed from www.infosecurity-magazine.com Read the original article: Study Uncovers 27% Spike in Ransomware; 8% Yield to Demands

Read more →

A new UK government report finds that 75% of businesses and 79% of charities experienced a cyber incident in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government: 75% of UK Businesses Experienced a Cyber…

Read more →

Police in Kharkiv arrest three men suspected of hacking 100 million Instagram and email accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukrainian Police Arrest Suspected Brute-Force Account Hijackers

Read more →

The Biden administration is inviting state representatives to urgently discuss the security of the water sector This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Convenes States to Discuss Water Sector Breaches

Read more →