Category: www.infosecurity-magazine.com

The UK National Cyber Security Centre thinks public disclosure programs could help mitigate AI safety threats This article has been indexed from www.infosecurity-magazine.com Read the original article: UK NCSC Supports Public Disclosure for AI Safeguard Bypass Threats

Read more →

Zscaler has emerged as the latest corporate victim of a supply chain attack targeting Salesforce data This article has been indexed from www.infosecurity-magazine.com Read the original article: Zscaler Customer Info Taken in Salesloft Breach

Read more →

Silver Fox APT abuses Microsoft-signed drivers to kill antivirus and deploy ValleyRAT remote-access backdoor This article has been indexed from www.infosecurity-magazine.com Read the original article: Silver Fox Exploits Signed Drivers to Deploy ValleyRAT Backdoor

Read more →

A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites This article has been indexed from www.infosecurity-magazine.com Read the original article: High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

Read more →

A vulnerability in the WordPress Paid Memberships Subscription plugin could lead to unauthenticated SQL injection on affected sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical SQLi Threat to WordPress Memberships Plugin Users

Read more →

Pennsylvania’s Attorney General confirmed the OAG had refused to pay a ransom demand to the attackers after files were encrypted This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack on Pennsylvania’s AG Office Disrupts Court Cases

Read more →

The campaign shows APT29’s intentions to “cast a wider net in their intelligence collection efforts,” said Amazon This article has been indexed from www.infosecurity-magazine.com Read the original article: Amazon Stops Russian APT29 Watering Hole Attack Exploiting Microsoft Auth

Read more →

Adversaries targeting the Salesloft Drift application integration with Salesforce have also compromised Google Workspace accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Salesloft Attacks Target Google Workspace

Read more →

WhatsApp has fixed a zero-day vulnerability linked to a sophisticated cyber-attack This article has been indexed from www.infosecurity-magazine.com Read the original article: WhatsApp Patches Zero-Day, Zero-Click Flaw

Read more →

Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans

Read more →

A software supply chain attack targeting Nx marks the first known case where attackers have leveraged developer AI assistants, according to StepSecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Npm Package Hijacked to Steal Data and…

Read more →

Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: State-Sponsored Hackers Behind Majority of Vulnerability Exploits

Read more →

The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application This article has been indexed from www.infosecurity-magazine.com Read the original article: TransUnion Data Breach Impacts 4.5 Million US…

Read more →

Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake IT Support Attacks Hit Microsoft Teams

Read more →

Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Netherlands Confirms China’s Salt Typhoon Targeted Small Dutch Telcos

Read more →

Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious VS Code Extensions Exploit Name Reuse Loophole

Read more →

Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation This article has been indexed from www.infosecurity-magazine.com Read the original article: Nevada Confirms Ransomware Attack, State Data Stolen

Read more →

The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns

Read more →

Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Companies Freeze $47m in Romance Baiting Funds

Read more →

Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure

Read more →