Beaming research reveals that nearly half of UK SMEs have lost data since 2019, costing billions This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of British SMEs Have Lost Data in Past Five Years
Tag: EN
The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy
Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and turning them into bots for the Faceless proxy service. TheMoon bots grew to over 40,000 in early 2024 and enabled Faceless to gain nearly 7,000 new…
2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now
Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including two zero-day exploits showcased at the prestigious Pwn2Own 2024 hacking competition. The update, which affects Chrome users on Windows, Mac, and Linux, elevates the browser version…
Android Malware Vultur Expands Its Wingspan
Authored by Joshua Kamp Executive summary The authors behind Android banking malware Vultur have been spotted adding new technical features, which allow the malware operator to further remotely interact with the victim’s mobile device. Vultur has also started masquerading more…
Coro, building cybersecurity for SMBs, locks down $100M at a $750M valuation
Enterprises and other large organizations have long been a lucrative and obvious target for cybercriminals, but in recent years — thanks to more sophisticated breach techniques and the rise of AI — small and medium businesses are now also very…
Calls to Incident Response Helpline Double in a Year
A rising volume of calls to the Scottish Cyber and Fraud Centre highlights surging threat levels This article has been indexed from www.infosecurity-magazine.com Read the original article: Calls to Incident Response Helpline Double in a Year
Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs
In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends’ email addresses in exchange for free pizza. “Whereas…
These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb
One might say this is a wurst case scenario The German Federal Office for Information Security (BIS) has issued an urgent alert about the poor state of Microsoft Exchange Server patching in the country.… This article has been indexed from…
Understanding ISO 27001:2022 Annex A.5 – Information Security Policies
We started the ISO 27001:2022 series with the promise of explaining how the 14 categories of controls can be implemented. We start today with A.5. Information Security Policies. Contents Toggle Importance of Information Security Policies Implementing Annex A.5 in…
AI hallucinates software packages and devs download them – even if potentially poisoned with malware
Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don’t do that In-depth Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.… This…
Exvagos – 2,121,789 breached accounts
In July 2022, the direct download website Exvagos suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 2.1M unique email addresses along with IP addresses, usernames, dates of birth and…
Execs in Japan busted for winning dev bids then outsourcing to North Koreans
Government issues stern warning over despot money-making scheme Two executives were issued arrest warrants in Japan on Wednesday, reportedly for charges related to establishing a business that outsourced work to North Korean IT engineers.… This article has been indexed from…
Enterprises increasingly block AI transactions over security concerns
Enterprises must secure a transformation driven by generative AI (GenAI) bidirectionally: by securely adopting GenAI tools in the enterprise with zero trust while leveraging it to defend against the new AI-driven threat landscape, according to Zscaler. AI has already become…
Debunking compliance myths in the digital era
Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 billion by 2030. It’s evident the industry is fueled by an increasing reliance on…
Cyber Attack suspected behind Baltimore Bridge Collapse
The incident that shook Baltimore on March 26, 2024, when a cargo vessel collided with the Baltimore Bridge, resulting in its collapse into the Patapsco River, has sparked widespread speculation and concern. In the early hours of March 27, 2024,…
Ransomware attack on Big Issue and University of Winnipeg
The Qilin Ransomware group is under scrutiny for breaching the servers of the UK-based newspaper ‘The Big Issue Group.’ Reports indicate that the perpetrators successfully accessed confidential data from the victim and are now holding the entire database hostage, encrypting…
How CISOs tackle business payment fraud
In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise (BEC), cyber attackers’ use of AI, and securing the supply chain.…
AI weaponization becomes a hot topic on underground forums
The majority of cyberattacks against organizations are perpetrated via social engineering of employees, and criminals are using new methods including AI to supercharge their techniques, according to ReliaQuest. Some 71% of all attacks trick employees via the use of phishing,…
China encouraged armed offensive against Myanmar government to protest proliferation of online scams
Report claims Beijing is most displaced by junta’s failure to address slave labor scam settlements The military junta controlling Myanmar has struggled to control all of its territory thanks in part to China backing rebel forces as a way of…
Cybercriminals use cheap and simple infostealers to exfiltrate data
The rise in identity-based attacks can be attributed to a rapid increase in malware, according to SpyCloud. Researchers found that 61% of data breaches in 2023, involving over 343 million stolen credentials, were infostealer malware-related. Of these compromised identity records,…