Tag: www.infosecurity-magazine.com

Germany, the Netherlands and four of the Five Eyes countries share a common asset inventory for industrial cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Five Global Partners Release First Unified OT Security Taxonomy

Read more →

Cisco has issued a software update to address the vulnerability, which can allow an unauthenticated, remote attacker to inject arbitrary shell commands This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Discloses Critical RCE Flaw in Firewall…

Read more →

A new Checkmarx study reveals that AI-generated code now accounts for over 60% of codebases in some companies, much of which contains known vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Organizations Ship Vulnerable…

Read more →

A RUSI report warned that money mules are exploiting inadequate security controls in smaller payment service providers to move fraudulent transactions about This article has been indexed from www.infosecurity-magazine.com Read the original article: Authorized Push Payment Fraud a National Security…

Read more →

A flaw in KernelSU 0.5.7 allows attackers to impersonate its manager app and gain root access to Android devices This article has been indexed from www.infosecurity-magazine.com Read the original article: KernelSU v0.5.7 Flaw Lets Android Apps Gain Root Access

Read more →

An ongoing malware campaign has been observed using malvertising to deliver PS1Bot, a PowerShell-based framework This article has been indexed from www.infosecurity-magazine.com Read the original article: Malvertising Campaign Deploys Modular PowerShell Malware PS1Bot

Read more →

The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Shares Tips to Spot Fake Lawyer…

Read more →

Abnormal AI said gaining access to such accounts provides opportunities for sophisticated fraud schemes that impersonate officials This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacked Law Enforcement and Government Email Accounts Sold on Dark Web for…

Read more →

Fortinet reveals details of a new critical-rated vulnerability in FortiSIEM circulating in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Warns Exploit Code Available for Critical Vulnerability

Read more →

The UK government has announced 10 new live facial recognition police vans to be deployed around the country This article has been indexed from www.infosecurity-magazine.com Read the original article: Campaigners Slam Expansion of Police Facial Recognition Schemes in UK

Read more →

A critical RCE vulnerability in Erlang’s OTP SSH daemon has been identified that allows unauthenticated command execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Erlang/OTP SSH Vulnerability Sees Spike in Exploitation Attempts

Read more →

AI-powered trading platforms have been observed exploiting deepfake technology to trick investors with fake endorsements This article has been indexed from www.infosecurity-magazine.com Read the original article: Deepfake AI Trading Scams Target Global Investors

Read more →

The personal data of almost 145,000 people who were registered in Manpower’s systems was compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: Staffing Company Manpower Discloses Large-Scale Data Breach

Read more →

Mayor of St. Paul, Minnesota, Melvin Carter, confirmed that employee data was published online by the Interlock ransomware gang This article has been indexed from www.infosecurity-magazine.com Read the original article: St. Paul’s Mayor Confirms Interlock Data Leak

Read more →

The US Department of Justice has announced the seizure of domains, servers and $1m in proceeds from the BlackSuit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: US Authorities Seize $1m from BlackSuit Ransomware Group

Read more →

Microsoft announced updates for 107 vulnerabilities on Patch Tuesday, including one zero-day This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Over 100 CVEs on August Patch Tuesday

Read more →

In a new investigation launched at DEFCON 33, Analyst1’s Jon DiMaggio revealed probable Russian government involvement in the Kaseya attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Alleges Russian Government Role in Kaseya Cyber-Attack

Read more →

A new technique has bypassed GPT-5’s safety systems via narrative-driven steering to elicit harmful output This article has been indexed from www.infosecurity-magazine.com Read the original article: GPT-5 Safeguards Bypassed Using Storytelling-Driven Jailbreak

Read more →

Over 29,000 Microsoft Exchange servers remain unpatched against a vulnerability that could allow attackers to seize control of entire domains in hybrid cloud environments This article has been indexed from www.infosecurity-magazine.com Read the original article: 29,000 Servers Remain Unpatched Against…

Read more →

The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes This article has been indexed from www.infosecurity-magazine.com Read the original article: Home Office Phishing Scam Targets UK Immigration Sponsors

Read more →

Rapid7 found that threat actors are able to purchase low-cost initial access broker services, with many packages offering a variety of options This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit Low-Cost Initial Access Broker Market

Read more →

While “fairly primitive”, APT28’s LameHug was a testbed for future AI-powered attacks, said two MITRE experts during Black Hat USA 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: MITRE: Russian APT28’s LameHug, a Pilot for Future…

Read more →

New threat intelligence points to targeting of financial services and technology sectors by ShinyHunters group This article has been indexed from www.infosecurity-magazine.com Read the original article: Financial Services Could Be Next in Line for ShinyHunters

Read more →

Threat actors have stolen data on at least half a million cancer screening patients This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Raid Dutch Lab, Stealing Data on 500,000 Patients

Read more →

A flaw in WinRAR, tracked as CVE-2025-8088, has been exploited by the RomCom group to deploy malware This article has been indexed from www.infosecurity-magazine.com Read the original article: New WinRAR Zero-Day Exploited by RomCom Hackers

Read more →

A cyber-attack at Connex Credit Union has compromised data of 172,000 individuals, including sensitive information This article has been indexed from www.infosecurity-magazine.com Read the original article: Connex Credit Union Breach Exposes 172,000 Members’ Data

Read more →

Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghanaian Nationals Extradited for Roles in $100M…

Read more →

TRM Labs observed crypto payments worth $34.2m moved from victims addresses to a range of destinations likely associated with the group This article has been indexed from www.infosecurity-magazine.com Read the original article: Embargo Ransomware Gang Amasses $34.2m in Attack Proceeds

Read more →

Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action This article has been indexed from www.infosecurity-magazine.com Read the original article: Eight Countries Face EU Action Over NIS2 Deadline Failings

Read more →

Commercial red team experts believe AI’s current impact on cyber is overstated This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Red Teamers “Deeply Skeptical” of AI

Read more →

The winners of the AI Cybersecurity Challenge (AIxCC), Team Atlanta, won a $4m prize This article has been indexed from www.infosecurity-magazine.com Read the original article: #DEFCON: AI Cyber Challenge Winners Revealed in DARPA’s $4M Cybersecurity Showdown

Read more →

Leaders of the US Cybersecurity and Infrastructure Agency (CISA) pushed back on layoff concerns and highlighted new initiatives This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: CISA Execs ‘Hopeful’ for Extension of Cybersecurity Information Sharing Act

Read more →

The Information Commissioner has applied for a civil penalty against Optus following the 2022 data breach that exposed the personal details of 9.5 million Australians This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian Regulator Sues Optus…

Read more →

The judiciary announced stronger protections for its case management system following reports of a major breach of sensitive court documents in multiple states This article has been indexed from www.infosecurity-magazine.com Read the original article: US Federal Judiciary Tightens Security Following…

Read more →

Bouygues Telecom revealed the attackers stole personal data of 6.4 million customers, including contact details, contractual data and international bank account numbers This article has been indexed from www.infosecurity-magazine.com Read the original article: Bouygues Telecom Data Breach Exposes 6.4 Million…

Read more →

The NSA’s CAPT program, launched in 2024 with Horizon3.ai, now benefits 1000 of the 300,000 US Defense Industrial Base companies This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: 1000 DoD Contractors Now Covered by NSA’s Free…

Read more →

A new Microsoft AI agent, named Project Ire, is able to autonomously classify malware at a global scale with a high level of precision This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Microsoft Debuts AI Agent…

Read more →

Microsoft Exchange customers have been urged to apply fixes set out in a hybrid deployment security update published in April This article has been indexed from www.infosecurity-magazine.com Read the original article: New Microsoft Exchange Vulnerability Puts Hybrid Cloud Environments at…

Read more →

Google confirms it was among the victims of an ongoing data theft campaign targeting Salesforce instances, where publicly available business names and contact details were retrieved by the threat actor This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

A UK government initiative to tackle Companies House fraud has raised security concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Alarmed by UK Government’s Companies House ID Checks

Read more →

SonicWall has claimed an uptick in Akira ransomware intrusions is due to legacy password use This article has been indexed from www.infosecurity-magazine.com Read the original article: SonicWall: Attacks Linked to Legacy Bug and Password Use

Read more →

Claroty researchers have uncovered four vulnerabilities in a proprietary protocol used by surveillance equipment manufacturer Axis Communications This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Security Researchers Uncover Critical Flaws in Axis CCTV Software

Read more →

According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

Read more →

The incident, reported to be ransomware-related, has resulted in attackers stealing sensitive personal and clinical data, including lab test results This article has been indexed from www.infosecurity-magazine.com Read the original article: Clinical Data Stolen in Cyber-Attack on Kidney Dialysis Provider…

Read more →

A Nigerian man accused of hacking, fraud and identity theft has been extradited from France to the US to face charges This article has been indexed from www.infosecurity-magazine.com Read the original article: US Authorities Extradite Nigerian Man Accused of Hacking…

Read more →

GenAI company OpenAI has launched its first-ever open-weight models alongside a red teaming challenge This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: OpenAI Launches Red Teaming Challenge for New Open-Weight LLMs

Read more →

During the pre-Black Hat AI Summit, Sean Morgan, Protect AI’s Chief Architect, highlighted the three most prominent security risks of using AI agents This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Exploring the Top Cyber Threats…

Read more →

Adversaries are prioritizing stealth over scale, according to OPSWAT’s latest Threat Landscape Report This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Malware Complexity Jumps 127% in Six Months

Read more →

Trend Micro has released a temporary fix for the flaws, which enable remote code execution on on-prem Apex One machines This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Are Targeting Critical Apex One Vulnerabilities, Trend Micro…

Read more →

Ransomware actors deploy a range of activities to make it harder for victims to recover and increase the consequences of not paying demands This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Actors Expand Tactics Beyond Encryption…

Read more →

The UK’s National Cyber Security Centre has released the Cyber Assessment Framework 4.0 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Updates Cyber Assessment Framework to Build UK CNI Resilience

Read more →

Chanel and Pandora have revealed data breaches reportedly linked to attacks on their Salesforce instances This article has been indexed from www.infosecurity-magazine.com Read the original article: Chanel and Pandora Breached as Salesforce Campaign Continues

Read more →

Experts, including Allan Friedman, CISA’s leading voice on SBOMs until July 2025, emphasized that AI BOMs should be standardized before being implemented This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Experts Urge Greater AI Supply Chain…

Read more →

SecAlliance highlighted the evolution in smishing campaigns orchestrated by Chinese syndicates, which exploit digital wallet tokenization This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Smishing Campaigns Compromise up to 115 Million US Payment Cards

Read more →

Critical vulnerabilities in NVIDIA’s Triton Inference Server, discovered by researchers, could allow unauthenticated attackers to gain full server control through remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Vulnerabilities Found in NVIDIA’s Triton…

Read more →

IANS found that stagnant budget growth rates have significantly impacted CISOs ability to increase their teams’ headcount This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Teams Hit by Lowest Budget Growth in Five Years

Read more →

SecurityScorecard analysis highlights wide variety of Iranian threat actors and coordination with military activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Iran Hackers Aligned Cyber with Kinetic War Aims

Read more →

Cifas noted a record number of filings in its National Fraud Database for the first half of 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Fuels Record Number of Fraud Cases

Read more →

Python-based PXA Stealer has stolen data from more than 4000 victims in over 62 countries, according to SentinalLabs This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghost in the Zip Reveals Expanding Ecosystem Behind PXA Stealer

Read more →

Forescout also observed a big rise in CVEs added to CISA’s KEV catalog, some of which impacted end-of-life products This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Microsoft and Google Among Most Affected as Zero Day…

Read more →

Web traffic to AI sites surged 50% from Feb 2024 to Jan 2025, driven by browser-based GenAI tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Web-Based AI Usage Surge Shifts Global Internet Traffic Patterns

Read more →

Arctic Wolf has spotted an increase in Akira ransomware attacks targeting SonicWall SSL VPNs This article has been indexed from www.infosecurity-magazine.com Read the original article: Uptick in Akira Ransomware Actors Targeting SonicWall VPNs

Read more →

The Pwn2Own competition is offering a $1m reward to any teams able to unearth a WhatsApp code execution exploit This article has been indexed from www.infosecurity-magazine.com Read the original article: Pwn2Own Offers $1m for Zero-Click WhatsApp Exploit

Read more →

CrowdStrike revealed the surge in cloud intrusions was partly driven by a 40% increase in Chinese-state actors exploiting these environments This article has been indexed from www.infosecurity-magazine.com Read the original article: #BHUSA: Cloud Intrusions Skyrocket in 2025

Read more →

Spikes in attacker activity precede the disclosure of vulnerabilities 80% of the time, according to a new GreyNoise report This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds

Read more →

Microsoft has observed Russian state actor Secret Blizzard using an AiTM position to gain initial access, assisted by official domestic intercept systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Secret Blizzard Targets Moscow-Based Embassies in New…

Read more →

Flashpoint data reveals an 800% increase in credentials stolen via infostealers in just six months This article has been indexed from www.infosecurity-magazine.com Read the original article: Staggering 800% Rise in Infostealer Credential Theft

Read more →

The UK’s AI Security Institute has announced a new AI misalignment research program This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Leads the Way with £15m AI Alignment Project

Read more →

The DoubleTrouble Android banking Trojan has evolved, using Discord for delivery and introducing several new features This article has been indexed from www.infosecurity-magazine.com Read the original article: Android Malware Targets Banking Users Through Discord Channels

Read more →

CISA has launched a new tool to streamline cyber incident response and aid in adversary eviction This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Unveils Eviction Strategies Tool to Aid Incident Response

Read more →

Semperis found that executives were physically threatened in 40% of ransomware incidents, in a bid to pressure victims to pay demands This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Escalate to Physical Threats Against Executives

Read more →

The arrest of members of the Scattered Spider cyber-attack group have temporarily halted new intrusions, however, similar threat actors continue to pose risks This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals ‘Spooked’ After Scattered Spider Arrests

Read more →

Avast researchers shared a step-by-step guide to decrypt files for victims of FunkSec ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: FunkSec Ransomware Victims Can Now Recover Files with Free Decryptor

Read more →

Experts argue that password managers are still useful despite Microsoft Authenticator ditching its capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Passwordless Future Years Away Despite Microsoft Authenticator Move

Read more →

North Korea’s Lazarus Group has been blamed for a cyber-espionage campaign using open source packages This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 200 Malicious Open Source Packages Traced to Lazarus Campaign

Read more →

A SentinelLabs report has revealed patents linked to firms aiding China’s cyber-espionage operations, exposing new capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Hafnium Tied to Advanced Chinese Surveillance Tools

Read more →

A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: Hidden Backdoor Found in ATM Network via Raspberry Pi

Read more →

Google’s Project Zero team will provide limited details of new vulnerabilities early following discovery, in a bid to speed up end users’ patching This article has been indexed from www.infosecurity-magazine.com Read the original article: Google to Publicly Report New Vulnerabilities…

Read more →

32.1% of vulnerabilities listed in VulnCheck’s Known Exploited Vulnerabilities catalog were weaponized before being detected or within the following day This article has been indexed from www.infosecurity-magazine.com Read the original article: Third of Exploited Vulnerabilities Weaponized Within a Day of…

Read more →

IBM found that the global average cost of a data breach has fallen by 9% compared to 2024, driven by improved detection and containment This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Breach Costs Fall for…

Read more →

A total of 396 compromised Microsoft SharePoint systems have been identified globally, affecting 145 organizations across 41 countries in the wake of the ToolShell zero-day vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: US Tops Hit…

Read more →

The comprehensive guidance focuses on technical recommendations for securing agentic AI applications, from development to deployment This article has been indexed from www.infosecurity-magazine.com Read the original article: OWASP Launches Agentic AI Security Guidance

Read more →

Some of Orange’s professional and consumer services may be disrupted for a few days because of the cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: French Telco Orange Hit by Cyber-Attack

Read more →

Flaw in Base44 allowed unauthorized access to private apps, bypassing authentication systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Authentication Flaw Identified in Base44 Vibe Coding Platform

Read more →

Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324 This article has been indexed from www.infosecurity-magazine.com Read the original article: Auto-Color Backdoor Malware Exploits SAP Vulnerability

Read more →

Hackers are actively exploiting two critical flaws in Cisco Identity Services Engine, said the US Cybersecurity and Infrastructure Security Agency This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity…

Read more →

The federal government has applied for forfeiture of the funds, which were seized by FBI Dallas in April 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Seizes $2.4m in Crypto from Chaos Ransomware Gang

Read more →

A Scottish charity has been fined £18,000 for systematic data protection failings This article has been indexed from www.infosecurity-magazine.com Read the original article: Charity Fined After Destroying “Irreplaceable” Records

Read more →

Two pro-Ukraine hacktivists have claimed responsibility for a destructive attack on Aeroflot This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights

Read more →

10,000 WordPress sites vulnerable to takeover due to critical flaws in HT Contact Form Widget plugin This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Flaws in WordPress Plugin Leave 10,000 Sites Vulnerable

Read more →

Scattered Spider has targeted VMware vSphere environments, exploiting retail, airline and insurance sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: New Scattered Spider Tactics Target VMware vSphere Environments

Read more →

Insurance firm Allianz Life said that a threat actor accessed personally identifiable information of the majority of its 1.4 million US customers This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Breach Impacts Majority of Allianz Life…

Read more →

Despite claims by a hacker, French defense company Naval Group has detected no intrusions into its IT environments at the time of writing This article has been indexed from www.infosecurity-magazine.com Read the original article: Naval Group Denies Hack Claims, Alleges…

Read more →

Arizonan woman sentenced to 102 months for operating laptop farm for North Korean IT workers This article has been indexed from www.infosecurity-magazine.com Read the original article: US Woman Gets Eight Years for Part in $17m North Korean Scheme

Read more →

Dating app Tea has been compromised by a hacker, resulting in the exposure of 13,000 selfies This article has been indexed from www.infosecurity-magazine.com Read the original article: Dating App Breach Exposes Images of 13,000 Women

Read more →

The US and partners from nine countries have taken down part of the ransomware group’s infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackSuit Ransomware Group’s Dark Web Sites Seized in Operation Checkmate

Read more →

Sygnia observed Chinese cyber campaign dubbed Fire Ant deploying sophisticated techniques to gain full compromise of victim environments, discovering isolated assets This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolonged Chinese Cyber Espionage Campaign Targets VMware Appliances

Read more →

Cisco Talos warned that the Chaos group, thought to be formed of former BlackSuit members, has launched a wave of attacks targeted a variety of sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: New Chaos Ransomware…

Read more →

A large-scale malware campaign known as SarangTrap has been observed using fake dating apps to steal personal data, targeting South Korean users This article has been indexed from www.infosecurity-magazine.com Read the original article: Malware Campaign Masquerades as Dating Apps to…

Read more →

The US FBI has issued public announcements warning families of The Com, an online criminal network involving minors in various illicit activities This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Exposes The Com’s Criminal Activities and…

Read more →