Tag: www.infosecurity-magazine.com

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment This article has been indexed from www.infosecurity-magazine.com Read the original article: RansomHub Refines Extortion Strategy as RaaS Market Fractures

Read more →

Microsoft has announced plans to expand cloud and AI infrastructure in the EU, increasing data center capacity by 40% by 2027 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Expands Cloud, AI Footprint Across Europe

Read more →

The Co-op stores, quick commerce operations and funeral homes are trading as usual This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Retailer Co-op Confirms Hack, Reports “Small Impact” to Its Systems

Read more →

Kristi Noem said the Trump administration is introducing reforms to ensure CISA is focusing on the core security functions it was created for This article has been indexed from www.infosecurity-magazine.com Read the original article: DHS Head Accuses CISA of Acting…

Read more →

The legislation mandates a probe into foreign-made routers to identify risks for US national security This article has been indexed from www.infosecurity-magazine.com Read the original article: US House Approves Bill to Assess Security Threats Posed by Foreign-Made Routers

Read more →

JPMorgan’s CISO has argued that SaaS apps represent a growing risk to businesses, “quietly enabling cyber attackers” This article has been indexed from www.infosecurity-magazine.com Read the original article: JPMorgan CISO Urges SaaS Security Reset

Read more →

The French government has criticized Russia’s APT28 group for attacking 12 entities in a long-running espionage campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: France Slams Russia’s APT28 for Four-Year Cyber-Espionage Campaign

Read more →

New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control This article has been indexed from www.infosecurity-magazine.com Read the original article: New WordPress Malware Masquerades as Plugin

Read more →

A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason This article has been indexed from www.infosecurity-magazine.com Read the original article: Phorpiex Botnet Delivers LockBit Ransomware with Automated Tactics

Read more →

Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: New Gremlin Infostealer Distributed on Telegram

Read more →

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Harvest Over 30,000 Australian Banking Credentials

Read more →

Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products This article has been indexed from www.infosecurity-magazine.com Read the original article: Zero-Day Exploitation Figure Surges 19% in Two Years

Read more →

Europol has launched a new initiative designed to combat recruitment of youngsters into violent organized crime groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Creates “Violence-as-a-Service” Taskforce

Read more →

Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab This article has been indexed from www.infosecurity-magazine.com Read the original article: Uyghur Diaspora Group Targeted with…

Read more →

50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Mobile Devices Run Outdated Operating Systems

Read more →

According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Note 16.7% Increase in Automated Scanning Activity

Read more →

An ISACA survey found that just 5% of organizations have a defined strategy to defend against quantum-enabled threats This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies

Read more →

The US authorities have asked the public to help them unmask China’s Salt Typhoon threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Asks for Help Tracking Chinese Salt Typhoon Actors

Read more →

The UK government says it will ban the possession or supply of SIM farms, in a fraud crackdown This article has been indexed from www.infosecurity-magazine.com Read the original article: Government Set to Ban SIM Farms in European First

Read more →

Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models This article has been indexed from www.infosecurity-magazine.com Read the original article: Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

Read more →

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP Fixes Critical Vulnerability After Evidence of Exploitation

Read more →

British retailer M&S continues to tackle a cyber incident with online orders now paused for customers This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Read more →

Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration protocol This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Experts Flag Chrome Extension Using AI Engine…

Read more →

Panaseer’s latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Read more →

Backslash Security found that naïve prompts resulted in code vulnerable to at least four of the of the 10 most common vulnerabilities across popular LLMs This article has been indexed from www.infosecurity-magazine.com Read the original article: Popular LLMs Found to…

Read more →

ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: ELENOR-corp Ransomware Targets Healthcare Sector

Read more →

A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads This article has been indexed from www.infosecurity-magazine.com Read the original article: Blue Shield of California Data Breach Affects 4.7 Million Members

Read more →

A critical path traversal vulnerability in Commvault’s backup and replication solutions has been reported This article has been indexed from www.infosecurity-magazine.com Read the original article: Highest-Risk Security Flaw Found in Commvault Backup Solutions

Read more →

While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline This article has been indexed from www.infosecurity-magazine.com Read the original article: Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks

Read more →

NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a “red herring” This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Fall Sharply in March

Read more →

ETSI’s says new technical specification for securing AI models and systems sets international benchmark This article has been indexed from www.infosecurity-magazine.com Read the original article: ETSI Unveils New Baseline Requirements for Securing AI

Read more →

Ofcom’s Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms This article has been indexed from www.infosecurity-magazine.com Read the original article: Ofcom Lays Down the Law with Child Safety Rules for Tech Giants

Read more →

After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches This article has been indexed from www.infosecurity-magazine.com Read the original article: Verizon’s DBIR Reveals 34% Jump in Vulnerability…

Read more →

The FBI found that cybercrime losses climbed by 33% compared to 2023, driven by tactics like investment fraud and BEC This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

Read more →

Mandiant’s M-Trends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors

Read more →

Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S…

Read more →

The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26% annually This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Victim Count Surges 26% Annually

Read more →

Dutch intelligence report warns of growing Russian aggression with hybrid warfare This article has been indexed from www.infosecurity-magazine.com Read the original article: Dutch Warn of “Whole of Society” Russian Cyber-Threat

Read more →

Barclays found that romance scam victims lost £8000 on average in 2024, a significant increase from the previous year This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Romance Scams Spike 20% as Online Dating Grows

Read more →

The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among…

Read more →

A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs This article has been indexed from www.infosecurity-magazine.com Read the original article: SuperCard X Enables Contactless ATM Fraud in Real-Time

Read more →

Billbug, a China-linked espionage group, has been observed targeting critical sectors in Southeast Asia with new tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Billbug Espionage Group Deploys New Tools in Southeast Asia

Read more →

Darktrace and Cado said the new campaign highlights a shift towards alternative methods of mining cryptocurrencies This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cryptojacking Malware Targets Docker with Novel Mining Technique

Read more →

Security firm Human lifts the lid on prolific new ad fraud scheme dubbed “scallywag” This article has been indexed from www.infosecurity-magazine.com Read the original article: Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

Read more →

The UN has warned that Southeast Asian fraud groups are expanding their operations This article has been indexed from www.infosecurity-magazine.com Read the original article: $40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Read more →

Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point This article has been indexed from www.infosecurity-magazine.com Read the original article: Midnight Blizzard Targets European Diplomats…

Read more →

An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: NTLM Hash Exploit Targets Poland and Romania Days…

Read more →

Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years This article has been indexed from www.infosecurity-magazine.com Read the original article: Senators Urge Cyber-Threat Sharing Law Extension Before Deadline

Read more →

IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse This article has been indexed from www.infosecurity-magazine.com Read the original article: Identity Attacks Now Comprise a Third of Intrusions

Read more →

Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Thwarts $4bn in Fraud Attempts

Read more →

MITRE will be able to keep running the CVE program for at least the next 11 months This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension

Read more →

Sophos found that compromise of network edge devices, such as VPN appliances, accounted for 30% of incidents impacted SMBs in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Network Edge Devices the Biggest Entry Point for…

Read more →

A UK Law firm has been fined £60,000 after data stolen during a 2022 cyber-attack was published on the dark web This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Issues Merseyside-Based Law Firm £60,000 Fine After…

Read more →

Hertz has confirmed a data breach exposing customer data after a zero-day attack targeting file transfer software from Cleo Communications This article has been indexed from www.infosecurity-magazine.com Read the original article: Hertz Data Breach Exposes Customer Information in Cleo Zero-Day…

Read more →

NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

Read more →

Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks This article has been indexed from www.infosecurity-magazine.com Read the original article: 92% of Mobile Apps Found to Use Insecure Cryptographic Methods

Read more →

Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database This article has been indexed from www.infosecurity-magazine.com Read the original article: Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

Read more →

DataDome warns that DYI bots are snapping up driving test places en masse This article has been indexed from www.infosecurity-magazine.com Read the original article: Scalper Bots Fueling DVSA Driving Test Black Market

Read more →

Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database This article has been indexed from www.infosecurity-magazine.com Read the original article: Chaos Reins as MITRE Set to Cease CVE and CWE Operations

Read more →

Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers

Read more →

Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey This article has been indexed from www.infosecurity-magazine.com Read the original article: Compliance Now Biggest Cyber Challenge for UK Financial Services

Read more →

Pentesting firm Cobalt has found that organizations fix less than half of exploited vulnerabilities, with just 21% of generative AI flaws addressed This article has been indexed from www.infosecurity-magazine.com Read the original article: Organizations Found to Address Only 21% of…

Read more →

Thales report reveals bots now account for 51% of all web traffic, surpassing human activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI

Read more →

A UK man has been sentenced to over eight years for masterminding £100m phishing platform LabHost This article has been indexed from www.infosecurity-magazine.com Read the original article: LabHost Phishing Mastermind Sentenced to 8.5 Years

Read more →

Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Major WordPress Plugin Flaw Exploited in Under 4 Hours

Read more →

Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Prodaft Offers “No Judgment” Deal to Buy Dark Web…

Read more →

ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering This article has been indexed from www.infosecurity-magazine.com Read the original article: New Malware ResolverRAT Targets Healthcare and Pharma Sectors

Read more →

CA/Browser Forum members have voted in favor of shortening TLS/SSL certificate lifespans to 47 days This article has been indexed from www.infosecurity-magazine.com Read the original article: Digital Certificate Lifespans to Fall to 47 Days by 2029

Read more →

The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia This article has been indexed from www.infosecurity-magazine.com Read the original article: US Blocks Foreign Governments from Acquiring…

Read more →

Experts have warned that threat actors could hijack AI hallucinations in “slopsquatting” attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Hallucinations Create “Slopsquatting” Supply Chain Threat

Read more →

The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog This article has been indexed from www.infosecurity-magazine.com Read the original article: NVD Revamps Operations as Vulnerability Reporting Surges

Read more →

Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as 9.9 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Read more →

Google Cloud’s Sandra Joyce said that Chinese state actors’ advanced techniques and ability to stay undetected pose huge challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Cloud: China Achieves “Cyber Superpower” Status

Read more →

Google Cloud announced a number of security products designed to reduce complexity for security leaders This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

Read more →

The Cyber Security Breaches Survey 2025 has been released by the UK Home Office and DSIT today, reporting a slight decline in incidents compared to 2024 report This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 40%…

Read more →

A new Android malware campaign uses fake Google Play pages to distribute the SpyNote Trojan This article has been indexed from www.infosecurity-magazine.com Read the original article: SpyNote Malware Targets Android Users with Fake Google Play Pages

Read more →

A new AI-powered framework dubbed “AkiraBot” has successfully spammed 80,000 websites since September 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: AI-Powered AkiraBot Evades CAPTCHA to Spam 80,000 Websites

Read more →

Police have made more arrests in the ongoing Operation Endgame, cracking down on malware customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation Endgame Continues with Smokeloader Customer Arrests

Read more →

WK Kellogg breach exposed employee data after attackers exploited flaws in Cleo software This article has been indexed from www.infosecurity-magazine.com Read the original article: WK Kellogg Confirms Data Breach Tied to Cleo Software Exploit

Read more →

New phishing method targets high-value accounts using real-time email validation This article has been indexed from www.infosecurity-magazine.com Read the original article: Precision-Validated Phishing Elevates Credential Theft Risks

Read more →

While ransomware attack claims are at an all-time high, financial losses from actual attacks may be reducing This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Hit All-Time High as Payoffs Dwindle

Read more →

73% of respondents in an Armis survey said they worried about nation-state actors using AI for cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats

Read more →

Microsoft has issued security updates to fix 130+ vulnerabilities this month, including one zero-day This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Over 130 CVEs in April Patch Tuesday

Read more →

The UK and allies have warned of new mobile spyware targeting Uyghur, Tibetan and Taiwanese communities This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Warns of Spyware Targeting Chinese and Taiwanese Diaspora

Read more →

Google’s latest Android update fixes 62 flaws, including two zero-days previously used in limited targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Releases April Android Update to Address Two Zero-Days

Read more →

NIST marks CVEs pre-2018 as “Deferred” in the NVD as agency focus shifts to managing emerging threats This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Defers Pre-2018 CVEs to Tackle Growing Vulnerability Backlog

Read more →

Armis survey reveals that the growing threat of nation-state cyber-attacks is disrupting digital transformation This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Firms Stall Digital Projects as Cyber Warfare Risk Surges

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-31161 to its Known Exploited Vulnerabilities (KEV) catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

Read more →

The British government has launched a new code of practice designed to boost corporate cyber governance This article has been indexed from www.infosecurity-magazine.com Read the original article: Boards Urged to Follow New Cyber Code of Practice

Read more →

Security researchers from ExtensionTotal have found nine malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

Read more →

A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad This article has been indexed from www.infosecurity-magazine.com Read the original article: Smishing Triad Fuels Surge in Toll Payment Scams in US, UK

Read more →

Xanthorox AI, a self-contained system for offensive cyber operations, has emerged on darknet forums This article has been indexed from www.infosecurity-magazine.com Read the original article: Darknet’s Xanthorox AI Offers Customizable Tools for Hackers

Read more →

Vodafone Business has urged the UK government to implement policy changes, including improvements to the Cyber Essentials scheme and tax incentives for cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Vodafone Urges UK Cybersecurity Policy Reforms…

Read more →

Osney Capital’s new fund is the first to focus exclusively on early-stage UK cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Government Backs Britain’s First Cyber Seed Fund, Worth £50m

Read more →

Cyber-attacks on Australian superannuation funds leave some savers out of pocket This article has been indexed from www.infosecurity-magazine.com Read the original article: Aussie Pension Savers Hit with Wave of Credential Stuffing Attacks

Read more →

A joint cybersecurity advisory warns organizations globally about the defense gap in detecting and blocking fast flux techniques, which are exploited for malicious activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Agencies Warn of Fast…

Read more →

Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

Read more →

The threat actors initially attempted to compromise projects associated with the Coinbase cryptocurrency exchange, said Palo Alto Networks This article has been indexed from www.infosecurity-magazine.com Read the original article: Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

Read more →

An international law enforcement operation has shut down Kidflix, a platform for child sexual exploitation with 1.8m registered users This article has been indexed from www.infosecurity-magazine.com Read the original article: Major Online Platform for Child Exploitation Dismantled

Read more →