Category: www.infosecurity-magazine.com

The US National Institute of Standards and Technology (NIST) published a white paper introducing a new metric called Likely Exploited Vulnerabilities (LEV) This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Introduces New Metric to Measure Likelihood…

Read more →

A new Europol-led operation has dismantled infrastructure for key initial access malware used to launch ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Law Enforcement Busts Initial Access Malware Used to Launch Ransomware

Read more →

Operation Raptor also resulted in the seizure of $184m and a record amount of illegal drugs, firearms and drug trafficking proceeds This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Dark Web Sting Sees 270 Arrested

Read more →

Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Engages in “Turf War” for Ransomware Dominance

Read more →

Malware campaign exploiting TikTok’s popularity has been observed using social engineering to spread Vidar and StealC This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Generated TikTok Videos Used to Distribute Infostealer Malware

Read more →

Kettering Health is facing significant disruptions from a cyber-attack that impacted patient care This article has been indexed from www.infosecurity-magazine.com Read the original article: Kettering Health Cyber-Attack Disrupts Services

Read more →

The US cryptocurrency exchange claimed that the breach occurred in December 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Coinbase Breach Affected Almost 70,000 Customers

Read more →

The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Zero-Days Found in Versa Networks SD-WAN/SASE Platform

Read more →

West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network This article has been indexed from www.infosecurity-magazine.com Read the original article: Sensitive Personal Data Stolen in West Lothian Ransomware Attack

Read more →

Law enforcers worldwide have teamed up with Microsoft to disrupt the infrastructure behind Lumma Stealer This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains

Read more →

NSA, NCSC and allies warn Western tech and logistics firms of Russian APT28 cyber-espionage threat This article has been indexed from www.infosecurity-magazine.com Read the original article: Western Logistics and Tech Firms Targeted by Russia’s APT28

Read more →

UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: NCC Group Expert Warns UK Firms to…

Read more →

A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Mimic Kling AI to Distribute Infostealer Malware

Read more →

Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Flaw in Google Cloud Functions Sparks Broader Security Concerns

Read more →

The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco This article has been indexed from www.infosecurity-magazine.com Read the original article: US Teen to Plead Guilty in PowerSchool Extortion Campaign

Read more →

ITRC report finds that 39% of American consumers believe biometric use should be banned This article has been indexed from www.infosecurity-magazine.com Read the original article: Two-Fifths of Americans Want to Ban Biometric Use

Read more →

An M&S trading update estimates the ongoing cyber-incident will cost £300m, largely from lost sales due to the suspension of online orders This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Braces for £300 Million Cyber-Attack Costs

Read more →

A new NCSC guide offers useful information on how to safely and securely dispose of end-of-life assets This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Helps Firms Securely Dispose of Old IT Assets

Read more →

The Venice.ai chatbot gained traction in hacking forums for its uncensored access to advanced models This article has been indexed from www.infosecurity-magazine.com Read the original article: Uncensored AI Tool Raises Cybersecurity Alarms

Read more →

A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients This article has been indexed from www.infosecurity-magazine.com Read the original article: Debt Collector Data Breach Affects 200,000 Harbin Clinic Patients

Read more →

Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian APT Groups Intensify Attacks in Europe with Zero-Day Exploits and Wipers

Read more →

Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises This article has been indexed from www.infosecurity-magazine.com Read the original article: Mounting GenAI Cyber Risks Spur Investment in AI Security

Read more →

Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Consumers Targeted by Social Media Fraud Ads

Read more →

Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority This article has been indexed from www.infosecurity-magazine.com Read the original article: New 23andMe Buyer Regeneron Promises to Prioritize Security

Read more →

Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor This article has been indexed from www.infosecurity-magazine.com Read the original article: New Malware on PyPI Poses Threat to Open-Source Developers

Read more →

RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites This article has been indexed from www.infosecurity-magazine.com Read the original article: RCE Vulnerability Found in RomethemeKit For Elementor Plugin

Read more →

Civil society groups and academics are calling for the EU’s GDPR to remain unchanged following the EU Commission’s plans to revisit it This article has been indexed from www.infosecurity-magazine.com Read the original article: GDPR Changes Risk Undermining its Principles, Civil…

Read more →

An Alabama man has been sentenced to 14 months for hacking the SEC’s X account This article has been indexed from www.infosecurity-magazine.com Read the original article: SEC SIM Swapper Gets 14 Months for X Account Hijack

Read more →

The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency This article has been indexed from www.infosecurity-magazine.com Read the original article: Legal Aid Agency Admits Major Breach of Applicant Data

Read more →

Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: How CISOs Can Stay Ahead of Evolving Cloud…

Read more →

The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials This article has been indexed from www.infosecurity-magazine.com Read the original article: US Officials Impersonated Via SMS and Voice Deepfakes

Read more →

An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Vacancies Growing 12% Per…

Read more →

In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Espionage Operation Targets Organizations…

Read more →

New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Healthcare Cyber-Attacks Intensify, Sector Now Prime Target

Read more →

Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m This article has been indexed from www.infosecurity-magazine.com Read the original article: Coinbase Offers $20m Bounty to Take Down Cybercrime…

Read more →

A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory This article has been indexed from www.infosecurity-magazine.com Read the original article: PowerShell-Based Loader Deploys Remcos RAT in New Fileless Attack

Read more →

The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

Read more →

Dior confirmed a data breach compromising customer personal information, discovered on May 7 This article has been indexed from www.infosecurity-magazine.com Read the original article: Dior Confirms Data Breach Affecting Customer Information

Read more →

Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category This article has been indexed from www.infosecurity-magazine.com Read the original article: New Linux Vulnerabilities Surge 967% in a Year

Read more →

The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare This article has been indexed from www.infosecurity-magazine.com Read the original article: “Endemic” Ransomware Prompts NHS to Demand Supplier Action on Cybersecurity

Read more →

Most online merchants now believe customers pose as big a threat as professional fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Losses Hit $11m Per Company as Customer Abuse Soars

Read more →

The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Ransomware Enters ‘Post-Trust Ecosystem,’ NCA Cyber Expert…

Read more →

Android Enterprise introduced Device Trust to enhance mobile security on Android devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Android Enterprise Launches Device Trust For Enhanced Security

Read more →

CISA paused plans to overhaul its advisory system after backlash from the infosec community This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Reverses Decision on Cybersecurity Advisory Changes

Read more →

Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical This article has been indexed from www.infosecurity-magazine.com Read the original article: New Fortinet and Ivanti Zero Days…

Read more →

While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods This article has been indexed from www.infosecurity-magazine.com Read the original article: New ‘Chihuahua’ Infostealer Targets Browser Data and Crypto Wallet Extensions

Read more →

Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang This article has been indexed from www.infosecurity-magazine.com Read the original article: European Police Bust €3m Investment Fraud Ring

Read more →

Microsoft has patched seven zero-day bugs, five of which were exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Seven Zero-Days in May Patch Tuesday

Read more →

Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft This article has been indexed from www.infosecurity-magazine.com Read the original article: Turkey-Aligned Hackers Targeted Iraq-Based…

Read more →

Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities This article has been indexed from www.infosecurity-magazine.com Read the original article: DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

Read more →

CISA won’t post standard cybersecurity updates on its website, shifting to email and social media This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Shifts Alert Distribution Strategy to Email, Social Media

Read more →

M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Confirms Customer Data…

Read more →

ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive This article has been indexed from www.infosecurity-magazine.com Read the original article: European Vulnerability Database Launches Amid US CVE Chaos

Read more →

The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Considers New Enterprise IoT Security Law

Read more →

Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

Read more →

During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks

Read more →

The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet This article has been indexed from www.infosecurity-magazine.com Read the original article: Criminal Proxy Network Infects Thousands of IoT Devices

Read more →

She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Launches Free Entry-Level Cyber Training Program

Read more →

A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: FreeDrain Phishing Scam Drains Crypto Hobbyists’ Wallets

Read more →

Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market This article has been indexed from www.infosecurity-magazine.com Read the original article: Japanese Account Hijackers Make $2bn+ of Illegal Trades

Read more →

Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter “eXch” Money Laundering Service

Read more →

The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Deploys On-Device AI to Thwart Scams on Chrome and Android

Read more →

The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter This article has been indexed from www.infosecurity-magazine.com Read the original article: UN Launches New Cyber-Attack Assessment Framework

Read more →

The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers

Read more →

Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action This article has been indexed from www.infosecurity-magazine.com Read the original article: US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats

Read more →

PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted This article has been indexed from www.infosecurity-magazine.com Read the original article: PowerSchool Admits Ransom…

Read more →

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Group Launches LOSTKEYS Malware in Attacks

Read more →

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Ransomware Hacked, Insider Secrets Exposed

Read more →

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography This article has been indexed from www.infosecurity-magazine.com Read the original article: Just 5% of Enterprises Have Deployed Quantum-Safe Encryption

Read more →

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Essentials Certification Numbers Falling Short

Read more →

The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Launches New Cybersecurity Assessment Initiatives to Drive Secure…

Read more →

Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch This article has been indexed from www.infosecurity-magazine.com Read the original article: Confusion Reigns as Threat Actors Exploit Samsung MagicInfo Flaw

Read more →

Organizations can start defending against deepfakes now, before efficient detectors are available This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Combating Deepfake Threats at the Age of AI Agents

Read more →

Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Finds New Technique to Bypass SentinelOne EDR Solution

Read more →

Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord This article has been indexed from www.infosecurity-magazine.com Read the original article: Inferno Drainer Returns, Stealing Millions from Crypto Wallets

Read more →

NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: “Nationally Significant” Cyber-Attacks…

Read more →

A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS-for-Hire Network Dismantled in International Operation

Read more →

The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages This article has been indexed from www.infosecurity-magazine.com Read the original article: NSO Group Hit with $168m Fine for WhatsApp Pegasus Spyware Abuse

Read more →

The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Passkeys Set to Protect GOV.UK Accounts Against…

Read more →

Marsh says ransomware drove cyber insurance claims to second highest on record in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Insurance Claims Second Highest on Record

Read more →

UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Warns Retail Attacks Must Serve…

Read more →

Half of UK firms have over 10 cyber positions unfilled, according to Cisco This article has been indexed from www.infosecurity-magazine.com Read the original article: Talent Shortages Bite as 80% of UK Firms Hit with AI Threats

Read more →

The Alvin Independent School District in Texas has notified over 47,000 individuals affected by a data breach exposing sensitive personal information This article has been indexed from www.infosecurity-magazine.com Read the original article: Texas School District Notifies Over 47,000 People of…

Read more →

Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: Smishing Triad Upgrades Tools and Tactics for Global Attacks

Read more →

Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers This article has been indexed from www.infosecurity-magazine.com Read the original article: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks

Read more →

Prolific PhaaS operation Darcula uses Magic Cat software to steal over 800,000 cards in a seven-month period This article has been indexed from www.infosecurity-magazine.com Read the original article: Darcula Phishing as a Service Operation Snares 800,000+ Victims

Read more →

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss

Read more →

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China This article has been indexed from www.infosecurity-magazine.com Read the original article: TikTok Fined €530m Over Transfers of European User…

Read more →

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark” This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Fall in April Amid RansomHub Outage

Read more →

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Confirms Exploitation of SonicWall Vulnerabilities

Read more →

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Warns China of Cyber Retaliation Over Infrastructure…

Read more →

FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords This article has been indexed from www.infosecurity-magazine.com Read the original article: Third of Online Users Hit by Account Hacks Due to Weak Passwords

Read more →

UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Harrods Latest UK…

Read more →

Anthropic has found its Claude chatbot is being used for automated political messaging, enabling AI-driven influence campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Claude Chatbot Used for Automated Political Messaging

Read more →

Concerned about the fate of sensitive genetic information, the ICO and OPC have demanded that 23andMe prioritize customer data protection throughout its bankruptcy process This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and Canadian Regulators Demand…

Read more →

A large-scale phishing campaign using DarkWatchman and Sheriff malware has been observed targeting companies in Russia and Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Large-Scale Phishing Campaigns Target Russia and Ukraine

Read more →

Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products This article has been indexed from www.infosecurity-magazine.com Read the original article: Mystery Box Scams Deployed to Steal Credit Card…

Read more →

Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Unveils New Advances in AI Security and Privacy Protection

Read more →

The ICO has decided not to fine the British Library for a 2023 ransomware breach This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO: No Further Action on British Library Ransomware Breach

Read more →

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Publishes 42,000 LabHost Phishing Domains

Read more →