Forescout has identified a sharp shift in enterprise cyber risk, with network infrastructure now surpassing traditional endpoints as the most vulnerable part of organisational environments. In its latest Riskiest Connected Devices in 2026 report, based on analysis of millions of…
MacOS Stealer MioLab Adds ClickFix Delivery, Wallet Theft and Team API Tools
A sophisticated macOS infostealer known as MioLab — also tracked as Nova — has emerged as one of the most advanced Malware-as-a-Service (MaaS) platforms targeting Apple users. Advertised on Russian-speaking underground forums, MioLab marks a shift in the threat landscape,…
Libyan Oil Refinery Hit in Long-Running Espionage Campaign Using AsyncRAT
A Libyan oil refinery, a telecoms organization, and a state institution fell victim to a coordinated espionage campaign between November 2025 and February 2026. The attacks delivered AsyncRAT, a publicly available remote access Trojan with a documented history of use…
IT Security News Hourly Summary 2026-03-23 18h : 14 posts
14 posts were published in the last hour 16:36 : FriendlyDealer mimics official app stores to push unvetted gambling apps 16:36 : Capital One Software Expands Databolt to Protect Unstructured Data for AI Use 16:36 : Case study: How predictive…
FriendlyDealer mimics official app stores to push unvetted gambling apps
Think you’re downloading from Google or Apple? 1,500+ fake app store sites look like the real thing, but push unvetted, cloned web-based casino apps. This article has been indexed from Malwarebytes Read the original article: FriendlyDealer mimics official app stores…
Capital One Software Expands Databolt to Protect Unstructured Data for AI Use
Capital One Software is expanding its Databolt data security platform with new capabilities aimed at making unstructured data safer to use in analytics and AI initiatives. The company announced the updates at RSAC 2026 in San Francisco. The headline feature…
Case study: How predictive shielding in Defender stopped GPO-based ransomware before it started
Microsoft Defender stopped a human-operated ransomware attack that abused Group Policy Objects (GPOs) to disable defenses and push encryption at scale. This case study breaks down the attacker’s playbook and shows how predictive shielding hardened 700 devices in time, resulting…
Tycoon2FA Phishing Service Resumes Activity Post-Takedown
Tycoon2FA phishing platform resumes activity post-takedown, leveraging AITM techniques to bypass MFA This article has been indexed from www.infosecurity-magazine.com Read the original article: Tycoon2FA Phishing Service Resumes Activity Post-Takedown
Most Cybersecurity Staff Don’t Know How Fast They Could Stop a Cyber-Attack on AI Systems
ISACA survey found that confusion over responsibility and lack of understanding around AI cyber-attacks makes containing them difficult This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Cybersecurity Staff Don’t Know How Fast They Could Stop a…
Lockheed Martin targeted in alleged breach by pro-Iran hacktivist
The group is demanding millions of dollars to not sell the information to U.S. adversaries. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Lockheed Martin targeted in alleged breach by pro-Iran hacktivist
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran’s time zone or have…
Oblivion RAT Turns Fake Play Store Updates Into a Full-Service Android Spyware Operation
A newly discovered Android remote access trojan known as Oblivion RAT has emerged on cybercrime networks as a complete malware-as-a-service (MaaS) platform, turning fake Google Play Store update pages into a full-scale spyware operation. First reported by Certo Software, the…
RSAC 2026 Conference Announcements Summary (Pre-Event)
A summary of the announcements made by vendors in the days leading up to the RSAC 2026 Conference. The post RSAC 2026 Conference Announcements Summary (Pre-Event) appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
SecurityScorecard Debuts TITAN AI to Automate Third-Party Risk Management Workflows
RSAC 2026: SecurityScorecard is using RSA Conference week to roll out TITAN AI, a set of capabilities aimed at taking manual work out of third-party risk management (TPRM) and tying vendor oversight more directly to threat intelligence. The company says…
SOC 2 penetration testing requirements
For organisations pursuing SOC 2, demonstrating effective security controls is central to the audit process. While the framework does not prescribe specific technologies or testing frequencies, it does require evidence that risks are identified, assessed, and mitigated through appropriate controls.…
Global Law Enforcement Disrupts SocksEscort Proxy Network Powered by AVRecon Malware
Federal and regional police units, working alongside independent digital security experts, took down the SocksEscort hacking infrastructure. This setup used hacked gateway gadgets – infected by AVRecon – to route illicit online traffic through hidden channels. A team at…
AiLock Ransomware Hits England Hockey: 129GB Data Breach Under Probe
England Hockey, the national governing body for field hockey in England, is grappling with a serious cybersecurity incident as the ransomware group AiLock claims responsibility for stealing 129GB of sensitive data.The organization, which supports over 800 clubs, 150,000 players,…
High-Tech Sector Overtakes Finance as Top Target for Cyber-Attacks, Mandiant Reports
High tech was the most frequently targeted industry in Mandiant investigations in 2025, overtaking financial services which led in 2023 and 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: High-Tech Sector Overtakes Finance as Top Target…
Stryker confirms cyberattack is contained and restoration underway
An assurance letter from Palo Alto Networks provides insight into the forensic investigation at the medical technology firm. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Stryker confirms cyberattack is contained and restoration…
North Korean Hacker Lands Remote IT Job, Caught After VPN Slip
New research from LevelBlue reveals how a suspected North Korean operative landed a remote IT role to fund national weapons programmes. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More Read the original article:…
The March Madness scam playbook
Fans aren’t the only ones who show up for March Madness. Here’s how to spot all the different scams that turn up to major sporting events. This article has been indexed from Malwarebytes Read the original article: The March Madness…
FBI says Iranian hackers are using Telegram to steal data in malware attacks
Hackers working for Iran’s government are using Telegram in hacking operations that use malware to target dissidents, opposition groups, and journalists who oppose its regime, according to the FBI. This article has been indexed from Security News | TechCrunch Read…
Trivy Scanner Compromise Explained and What it Means For Your SaaS and CI/CD Security
The Trivy supply chain compromise gave attackers a way to deliver malicious infostealer code. Learn how it happened and required remediation steps to audit your environment. The post Trivy Scanner Compromise Explained and What it Means For Your SaaS and…
Quantum threats are already active and the defense response remains fragmented
Enterprises are moving toward post-quantum security at uneven speeds, and the gap between organizations that have built crypto-agility into their infrastructure and those that have adopted the label without the underlying capability is widening. Dr. Tan Teik Guan, CEO of…