Category: www.infosecurity-magazine.com

The Ontinue report draws from an extensive analysis of data collected from 600,000 endpoints This article has been indexed from www.infosecurity-magazine.com Read the original article: Research Shows IT and Construction Sectors Hardest Hit By Ransomware

Read more →

The UK’s National Cyber Security Centre wants to help organizations migrate their SCADA systems to the cloud This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Publishes Security Guidance For Cloud-Hosted SCADA

Read more →

The UK’s National Cyber Security Centre wants to help organizations migrate their SCADA systems to the cloud This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Publishes Security Guidance for Cloud-Hosted SCADA

Read more →

Trend Micro uncovers Chinese cyber-espionage campaign Earth Krahang This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolific Chinese Threat Campaign Targets 100+ Victims

Read more →

Sandu Boris Diaconu was involved in conspiracy to commit access device and computer fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Moldovan Behind E-Root Marketplace Gets US Federal Prison Term

Read more →

The voluntary FCC program will allow smart device manufacturers to demonstrate to consumers that their product has met robust cybersecurity standards This article has been indexed from www.infosecurity-magazine.com Read the original article: FCC Agrees to Cyber Trust Mark for IoT…

Read more →

Seven years into its ethical hacking program, the Pentagon received its 50,000th vulnerability report on March 15 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 50,000 Vulnerabilities Discovered in DoD Systems Through Bug Bounty Program

Read more →

The flaws, identified by KTrust, enable attackers to bypass rate limits and brute force protection mechanisms This article has been indexed from www.infosecurity-magazine.com Read the original article: Three New Critical Vulnerabilities Uncovered in Argo

Read more →

A Microsoft report found that 87% of UK organizations are either vulnerable or at high-risk of cyber-attacks, and urged investment in AI as a security tool This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft: 87% of…

Read more →

Scottish NHS trust reveals patient and staff data may have been taken in security breach This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS Dumfries and Galloway Warns of “Significant” Data Theft

Read more →

The International Monetary Fund says it is still looking into a recent compromise of multiple email accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: IMF Investigates Serious Cybesecurity Breach

Read more →

Vulnerability data has stopped being added to the most widely used software vulnerability database for over a month, putting organizations at risk – and nobody knows why This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST National…

Read more →

An AppOmni researcher detailed a misconfiguration in the HSE COVID Vaccination Portal, exposing the health and personal data of over a million Irish citizens This article has been indexed from www.infosecurity-magazine.com Read the original article: HSE Misconfiguration Exposed Over a…

Read more →

The vote saw 352 members of Congress supporting the bill while only 65 opposed it This article has been indexed from www.infosecurity-magazine.com Read the original article: TikTok Faces US Ban as House Votes to Compel ByteDance to Sell

Read more →

DoControl said one in six employees was found to have shared company data via personal email This article has been indexed from www.infosecurity-magazine.com Read the original article: New Report Suggests Surge in SaaS Assets, Employee Data Sharing

Read more →

The US government will investigate whether protected healthcare information was breached in the Change Healthcare ransomware attack, and if the firm complied with HIPAA rules This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government to Investigate…

Read more →

France’s employment agency suffered a massive breach, exposing the data of users who registered over the past 20 years This article has been indexed from www.infosecurity-magazine.com Read the original article: French Employment Agency Data Breach Could Affect 43 Million People

Read more →

Google revealed it paid $10m in bug bounty payments to more than 600 researchers in 2023, with the highest single payment being £113,337 This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Paid $10m in Bug Bounties…

Read more →

Fortinet has released security updates to fix several critical vulnerabilities in its products This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Patches Critical Bug in FortiClient EMS

Read more →

Meta is suing one of its former executives for stealing sensitive documents before leaving the company This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Sues Former VP After Defection to AI Startup

Read more →

Netcraft said the domains were found across 7000 IPs in January, a 25% increase from December 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Investment Scams Grow, 13,000 Domains Detected in January 2024

Read more →

Red Canary said cloud account compromise detections rose 16-fold in 2023, becoming the fourth most prevalent technique used by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Account Attacks Surged 16-Fold in 2023

Read more →

Salt Security discovered GPT flaws affecting plugin installation, PluginLab and OAuth This article has been indexed from www.infosecurity-magazine.com Read the original article: New Research Exposes Security Risks in ChatGPT Plugins

Read more →

The new restriction to Google’s AI chatbot was first implemented in India, which holds elections in April, before being rolled across other nations This article has been indexed from www.infosecurity-magazine.com Read the original article: Google to Restrict Election-Related Answers on…

Read more →

No zero-day vulnerabilities to fix in this month’s Microsoft Patch Tuesday This article has been indexed from www.infosecurity-magazine.com Read the original article: Single RCE Bug Features Among 60 CVEs in March Patch Tuesday

Read more →

GitGuardian claims the number of secrets exposed via GitHub has quadrupled since 2021 This article has been indexed from www.infosecurity-magazine.com Read the original article: Nearly 13 Million Secrets Spilled Via Public GitHub Repositories

Read more →

Kaspersky said access control weaknesses and failures in data protection accounted for 70% of all flaws This article has been indexed from www.infosecurity-magazine.com Read the original article: Study Reveals Top Vulnerabilities in Corporate Web Applications

Read more →

The Office of the Director of National Intelligence (ODNI) has unveiled an unclassified version of its Annual Threat Assessment of the US Intelligence Community This article has been indexed from www.infosecurity-magazine.com Read the original article: US Intelligence Predicts Upcoming Cyber…

Read more →

Sysdig said the rise of the Meson Network in blockchain signals a new frontier for attackers This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cloud Attack Targets Crypto CDN Meson Ahead of Launch

Read more →

Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft This article has been indexed from www.infosecurity-magazine.com Read the original article: Three-Quarters of Cyber Incident Victims Are Small Businesses

Read more →

An influential parliamentary committee claims government short-termism is exposing the country to ransomware catastrophe This article has been indexed from www.infosecurity-magazine.com Read the original article: Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity

Read more →

Some 57,000 victims lost $47m in phishing scams targeting their cryptocurrency last month This article has been indexed from www.infosecurity-magazine.com Read the original article: Victims Lose $47m to Crypto Phishing Scams in February

Read more →

The actor utilizes custom Linux malware to pursue financial gain, according to Check Point Research This article has been indexed from www.infosecurity-magazine.com Read the original article: Magnet Goblin Exploits Ivanti Vulnerabilities

Read more →

GuidePoint said the threat actor gained initial access via vulnerabilities in a TeamCity server This article has been indexed from www.infosecurity-magazine.com Read the original article: BianLian Threat Actor Shifts Focus to Extortion-Only Tactics

Read more →

The advisory is associated with ten companion cybersecurity information sheets detailing how to implement each strategy This article has been indexed from www.infosecurity-magazine.com Read the original article: NSA Launches Top 10 Cloud Security Mitigation Strategies

Read more →

A British Library report found the most likely source of the incident was the compromise of third-party account credentials and no MFA was in place to stop the attackers This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

Nurse practitioner pleads guilty to $136m Medicare fraud plot involving her telemedicine companies This article has been indexed from www.infosecurity-magazine.com Read the original article: Telemedicine Business Owner Faces 20 Years For $136m Fraud

Read more →

Threat group APT29 is using secrets stolen in an earlier attack to compromise Microsoft’s internal systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia’s Midnight Blizzard Accesses Microsoft Source Code

Read more →

Darktrace reveals a novel phishing campaign where attackers leveraged legitimate Dropbox infrastructure to steal credentials before bypassing MFA This article has been indexed from www.infosecurity-magazine.com Read the original article: Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing…

Read more →

UnitedHealth said it expects Change Healthcare’s key systems to be restored by March 18, amid reports it paid a $22m ransom to BlackCat This article has been indexed from www.infosecurity-magazine.com Read the original article: UnitedHealth Sets Timeline to Restore Change…

Read more →

Zscaler’s ThreatLabz discovered malware spreading SpyNote RAT to Android and NjRAT/DCRat to Windows This article has been indexed from www.infosecurity-magazine.com Read the original article: RATs Spread Via Fake Skype, Zoom, Google Meet Sites

Read more →

ESET researchers said the attackers strategically leveraged the Monlam Festival, targeting individuals associated with Tibetan Buddhism This article has been indexed from www.infosecurity-magazine.com Read the original article: Evasive Panda Targets Tibet With Trojanized Software

Read more →

Ransomware losses in the US rose by 74% to $59.6m in 2023, according to reported incidents to the FBI This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI: US Ransomware Losses Surge 74% to $59.6 Million in…

Read more →

AI scientist Inma Martinez predicts governments will start requiring ‘frontier’ AI labs full disclosure on the purpose of the tools they are developing This article has been indexed from www.infosecurity-magazine.com Read the original article: Governments Eye Disclosure Requirements for AI…

Read more →

Sensitive data from Switzerland government departments were leaked by the Play ransomware group after an attack on Xplain, including classified documents and log in credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attackers Leak Sensitive…

Read more →

Alleged Chinese spy Linwei Ding is accused of stealing proprietary IP from Google This article has been indexed from www.infosecurity-magazine.com Read the original article: Former Google Engineer Charged With Stealing AI Secrets

Read more →

Security experts warn of mass exploitation of critical TeamCity vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of Rogue Users Added to Unpatched TeamCity Servers

Read more →

Proofpoint said TA4903 adopted new tactics, including lure themes referencing confidential docs and ACH payments This article has been indexed from www.infosecurity-magazine.com Read the original article: TA4903 Phishing Campaigns Evolve, Targets US Government

Read more →

Proofpoint said TA4903 adopted new tactics, including lure themes referencing confidential docs and ACH payments This article has been indexed from www.infosecurity-magazine.com Read the original article: TA4903 Phishing Campaigns Evolve, Target US Government

Read more →

Cado said the payloads facilitated RCE attacks by leveraging common misconfigurations and known vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Linux Malware Targets Docker, Apache Hadoop, Redis and Confluence

Read more →

The EU has agreed new rules to strengthen cyber incident response and recovery across member states, encompassing closer cooperation mechanisms This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Agrees ‘Cyber Solidarity Act’ to Bolster Incident Response…

Read more →

The UK’s Chartered Institute of Information Security warns that many professionals are prepared to moonlight for cybercrime groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Pros Turn to Cybercrime as Salaries Stagnate

Read more →

A new threat actor has been observed by Zscaler distributing remote access Trojans (RATs) via online meeting lures This article has been indexed from www.infosecurity-magazine.com Read the original article: Skype, Google Meet, and Zoom Used in New Trojan Scam Campaign

Read more →

The US Treasury has designated individuals and entities associated with Predator spyware developer, Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Predator Spyware Maker Intellexa

Read more →

The US Treasury has designated individuals and entities associated with Predator spyware developer, Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Predator Spyware-Maker Intellexa

Read more →

Cisco Talos uncovered two new tools developed by the group: the “GhostSec Deep Scan tool” and “GhostPresser” This article has been indexed from www.infosecurity-magazine.com Read the original article: GhostSec Evolves With Website Compromise Tools

Read more →

With a claimed 80% efficiency, the new AI detection tool will be used to inform the police during criminal investigations This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korean Police Develops Deepfake Detection Tool Ahead of…

Read more →

Speculations about the shut down range from a potential exit scam to a rebranding initiative This article has been indexed from www.infosecurity-magazine.com Read the original article: ALPHV/BlackCat Ransomware Servers Go Down

Read more →

American Express has informed customers that their credit card details may have been compromised following a breach of a third-party merchant processor This article has been indexed from www.infosecurity-magazine.com Read the original article: American Express Warns Credit Card Data Exposed…

Read more →

Ukraine’s military intelligence service says it hacked and stole sensitive documents from Russia’s Ministry of Defense This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Claims it Hacked Russian MoD

Read more →

JetBrains says on-premises TeamCity servers must be upgraded to mitigate two new bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: TeamCity Users Urged to Patch Critical Vulnerabilities

Read more →

The researchers developed a worm, dubbed “Morris II,” which targets generative AI ecosystems through the use of adversarial self-replicating prompts This article has been indexed from www.infosecurity-magazine.com Read the original article: Self-Propagating Worm Created to Target Generative AI Systems

Read more →

Sekoia.io observed developments in the group’s DDoS tools, including updates enhancing compatibility with different processor architectures and OS This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivist Collective NoName057 Strikes European Targets

Read more →

Proofpoint warned the method could be used for data gathering and further malicious activities This article has been indexed from www.infosecurity-magazine.com Read the original article: TA577 Exploits NTLM Authentication Vulnerability

Read more →

Despite being exposed to human rights violations, the Predator spyware continues to be used across the world – including in new countries This article has been indexed from www.infosecurity-magazine.com Read the original article: Predator Spyware Targeted Mobile Phones in New…

Read more →

UK’s National Cyber Security Centre warns of dangers of insecure perimeter products This article has been indexed from www.infosecurity-magazine.com Read the original article: Securing Perimeter Products Must Be a Priority, Says NCSC

Read more →

German police have dismantled the country’s largest underground marketplace: Crimemarket This article has been indexed from www.infosecurity-magazine.com Read the original article: Drugs and Cybercrime Market Busted By German Cops

Read more →

President Biden warned that connected vehicles built in China could be used to steal sensitive data of US citizens and critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Warns Chinese Cars Could Steal US…

Read more →

Government agencies from the Five Eyes coalition said that Ivanti’s own tools are not sufficient to detect compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient

Read more →

The Home Office failed to assess the privacy intrusion of the continuous collection of migrants’ location information in breach of UK data protection law, according to the ICO This article has been indexed from www.infosecurity-magazine.com Read the original article: UK…

Read more →

The breach was discovered on February 21 2024, according to an SEC filing published on the same day This article has been indexed from www.infosecurity-magazine.com Read the original article: Pharma Giant Cencora Reports Cybersecurity Breach

Read more →

Infoblox said Savvy Seahorse uses fake ChatGPT and WhatsApp bots to lure victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Savvy Seahorse Targets Investment Platforms With DNS Scams

Read more →

Chainalysis study of crypto flows reveals darknet markets made $1.7bn in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Market Revenues Rebound but Sector Fragments

Read more →

The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government Warns Healthcare is Biggest Target for BlackCat Affiliates

Read more →

The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found This article has been indexed from www.infosecurity-magazine.com Read the original article: TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

Read more →

A new presidential executive order attempts to prevent the mass sales of personal data to countries like China and Russia This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Bans Mass Sale of Data to Hostile Nations

Read more →

The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers

Read more →

Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 34 Million Roblox Credentials Exposed on Dark Web in Three Years

Read more →

The UK government provided a preview of its future Cybersecurity Governance Code of Practice, which aims to be the go-to cyber guideline for UK business leaders This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Unveils Draft…

Read more →

UK Information Commissioner John Edwards explains how the ICO is working to provide clarity around the lawful use of AI This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Vows to Safeguard Privacy in AI Era,…

Read more →

ISACA’s Rob Clyde and Pam Nigro discuss how to advance digital trust in a security context This article has been indexed from www.infosecurity-magazine.com Read the original article: How Security Leaders Can Break Down Barriers to Enable Digital Trust

Read more →

Cifas claims that most business decision makers are worried about fraudsters targeting employees This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of UK Firms Concerned About Insider Threats

Read more →

Group-IB research warns of rising use of zero-day threats in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Ads for Zero-Day Exploit Sales Surge 70% Annually

Read more →

Ransomware and destabilization attacks rose in 2023, yet France’s National Cybersecurity Agency is most concerned about a diversification of cyber espionage campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Industrial Cyber Espionage France’s Top Threat Ahead…

Read more →

NIST has made further tweaks to Version 2.0 of its Cybersecurity Framework following feedback from the cybersecurity community This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Releases Final Version of Cybersecurity Framework 2.0

Read more →

The flaw, discovered by Patchstack, stems from a lack of input sanitization and output escaping in the plugin’s code This article has been indexed from www.infosecurity-magazine.com Read the original article: Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw

Read more →

The Viakoo study also said 50% firms faced IoT cyber incidents in past year, 44% of which were severe This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of IT Leaders Identify IoT as Security Weak Point

Read more →

Synopsys report reveals 74% of codebases now contain risky open source components This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Commercial Code Contains High-Risk Open Source Bugs

Read more →

Proofpoint found that 69% of organizations experienced a successful ransomware incident in the past year, with 60% hit on four or more occasions This article has been indexed from www.infosecurity-magazine.com Read the original article: 69% of Organizations Infected by Ransomware…

Read more →

Imperva finds attacks targeting API business logic increased to 27% in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Business Logic Abuse Dominates as API Attacks Surge

Read more →

A new White House report has urged software and hardware developers to adopt memory safe programming languages, and eliminate one of the most pervasive classes of bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: White House…

Read more →

Known as Midnight Blizzard, the Dukes or Cozy Bear, the group has been identified as a Russian entity likely operating under the SVR This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Alert on APT29’s Cloud…

Read more →

Kaspersky said that in 2023, the number of mobile attacks soared to nearly 33.8 million This article has been indexed from www.infosecurity-magazine.com Read the original article: Expert Warns of Growing Android Malware Activity

Read more →

What businesses should know about Operation Cronos and LockBit, one of the largest ransomware takedowns in history This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Takedown: What You Need to Know about Operation Cronos

Read more →

The FTC order found that Avast sold browsing data to advertisers that could reveal highly sensitive insights about users, misleading them about privacy protections in the process This article has been indexed from www.infosecurity-magazine.com Read the original article: Avast Faces…

Read more →

The UK’s National Cyber Security Centre is preparing a new cyber governance training pack for boards This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC to Offer Cyber Governance Guidance to Boards

Read more →

Moving giant U-Haul has revealed that 67,000 customers were caught in a data breach last year This article has been indexed from www.infosecurity-magazine.com Read the original article: U-Haul Informs Customers of Major Data Breach

Read more →

Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation Cronos: Who Are the LockBit Admins

Read more →

The UK’s ICO has ruled Serco Leisure’s use facial recognition technology and fingerprint scanning to monitor employee attendance is in breach of data protection law This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Bans Serco Leisure’s…

Read more →

Cybereason found that 78% of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor This article has been indexed from www.infosecurity-magazine.com Read the original article: 78% of Organizations Suffer Repeat…

Read more →