Tag: www.infosecurity-magazine.com

The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges All Organizations to…

Read more →

More than 14,500 girls from across the UK took part in this year’s CyberFirst Girls competition This article has been indexed from www.infosecurity-magazine.com Read the original article: Record Number of Girls Compete in CyberFirst Contest

Read more →

Pro-Palestine Dark Storm Team group claims responsibility for major DDoS attacks on X This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Blamed as X Suffers Multiple Outages

Read more →

SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: SIM Swapping Fraud Surges in the Middle East

Read more →

A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Surge in Malicious Software Packages Exploits System Flaws

Read more →

The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research This article has been indexed from www.infosecurity-magazine.com Read the original article: UK AI Research Under Threat From Nation-State Hackers

Read more →

Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery This article has been indexed from www.infosecurity-magazine.com Read the original article: Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure

Read more →

Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins This article has been indexed from www.infosecurity-magazine.com Read the original article: Texas Developer Convicted After Kill Switch Sabotage Plot

Read more →

Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years This article has been indexed from www.infosecurity-magazine.com Read the original article: Number of Unauthorized Cobalt Strike Copies Plummets 80%

Read more →

Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Groups Favor Repeatable Access…

Read more →

AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Orgs Hit by AI Cyber-Attacks…

Read more →

Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m This article has been indexed from www.infosecurity-magazine.com Read the original article: Medusa Ransomware Claims 40+ Victims…

Read more →

An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites

Read more →

Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Target Japanese Firms with Cobalt Strike

Read more →

Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Targeting Japanese Firms with Cobalt Strike

Read more →

Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Job Satisfaction Plummets, Women…

Read more →

Enisa identifies six sectors that it says must improve on NIS2 compliance This article has been indexed from www.infosecurity-magazine.com Read the original article: Six Critical Infrastructure Sectors Failing on NIS2 Compliance

Read more →

The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Members of Chinese Hacker-for-Hire Group i-Soon

Read more →

Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data This article has been indexed from www.infosecurity-magazine.com Read the original article: Silk Typhoon Shifts Tactics to Exploit Common IT Solutions

Read more →

Nonprofits are facing a surge in cyber-attacks as email threats rise 35%, targeting donor data and transactions This article has been indexed from www.infosecurity-magazine.com Read the original article: Nonprofits Face Surge in Cyber-Attacks as Email Threats Rise 35%

Read more →

With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Introduces New AI-Powered Scam Detection Features for Android

Read more →

ISACA identified factors such as heavy workload and long hours as the primary causes of stress, while there has been high turnover of IT professionals in the past two years This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

New SANS Institute research finds that 50% of global organizations were hit by an OT security incident in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of Organizations Report Serious OT Security…

Read more →

GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail This article has been indexed from www.infosecurity-magazine.com Read the original article: Would-be Extortionists Send “BianLian” Ransom Notes in the Mail

Read more →

A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cyber-Espionage Campaign Targets UAE Aviation and Transport

Read more →

Private 5G networks face security risks amid AI adoption and a lack of specialized expertise This article has been indexed from www.infosecurity-magazine.com Read the original article: Private 5G Networks Face Security Risks Amid AI Adoption

Read more →

Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities

Read more →

Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Fake IT Workers Leverage GitHub to Build…

Read more →

Fastly found that organizations have introduced changes such as increasing CISO participation in strategic decisions in response to growing personal liability risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISO Liability Risks Spur Policy Changes at…

Read more →

CISA has added five more CVEs into its known exploited vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws

Read more →

Sumsub research finds European iGaming market is losing billions to fraud each year This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Online Gambling Firms Lose 10% of Revenue to Fraud

Read more →

Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Leverage Microsoft Teams and Quick Assist for Access

Read more →

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Denies Reports of Shift in Cybersecurity Posture Amid…

Read more →

A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Uses Havoc Framework to Control Infected Systems

Read more →

Telecoms provider Vodafone has developed the new proof of concept with IBM, as it seeks to implement post-quantum cryptography ahead of anticipated quantum-based attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Vodafone Trials Quantum-Safe Tech to…

Read more →

The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Launches TikTok Investigation Over Use of Children’s Data

Read more →

Threat actors are exploiting a zero-day bug in Paragon Partition Manager’s BioNTdrv.sys driver during ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

Read more →

Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Attacks Drive Major…

Read more →

In February 2025, Sophos completed the Secureworks deal and SolarWinds went private This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn

Read more →

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report This article has been indexed from www.infosecurity-magazine.com Read the original article: Old Vulnerabilities…

Read more →

A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolific Data Extortion…

Read more →

DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen

Read more →

Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn This article has been indexed from www.infosecurity-magazine.com Read the original article: Winos 4.0 Malware Targets Taiwan With Email Impersonation

Read more →

Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code This article has been indexed from www.infosecurity-magazine.com Read the original article: Software Vulnerabilities Take Almost Nine Months to Patch

Read more →

In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

Read more →

OpenSSF has released new baseline security best practices to improve open source software quality This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSF Publishes Security Framework for Open Source Software

Read more →

FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Confirms North Korea’s Lazarus Group as Bybit Crypto Hackers

Read more →

99% of organizations report API-related security issues, highlighting risks from API growth This article has been indexed from www.infosecurity-magazine.com Read the original article: 99% of Organizations Report API-Related Security Issues

Read more →

DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info This article has been indexed from www.infosecurity-magazine.com Read the original article: DISA Global Solutions Confirms Data Breach Affecting 3.3M People

Read more →

Meredith Whittaker, Signal’s CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law This article has been indexed from www.infosecurity-magazine.com Read the original article: Signal May Exit Sweden If Government…

Read more →

IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gang Publishes Stolen Genea IVF…

Read more →

HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

Read more →

Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Geopolitical Tension Fuels APT and Hacktivism Surge

Read more →

61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: 61% of Hackers Use New Exploit Code Within 48 Hours of Attack

Read more →

Ghostwriter cyber-attack targets Ukrainian, Belarusian opposition using weaponized Excel documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition

Read more →

Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks

Read more →

ReliaQuest claims 80% of ransomware attacks now focus solely on exfiltrating data as it is faster This article has been indexed from www.infosecurity-magazine.com Read the original article: Only a Fifth of Ransomware Attacks Now Encrypt Data

Read more →

SecurityScorecard revealed that the large-scale password spraying campaign can bypass MFA and security access policies by utilizing Non-interactive sign-ins This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

Read more →

New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Quarter of Brits Report Deepfake Phone Scams

Read more →

Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts This article has been indexed from www.infosecurity-magazine.com Read the original article: Essential Addons for Elementor XSS Vulnerability Discovered

Read more →

Michigan man indicted for dark web credential fraud, purchased 2,500 logins from Genesis Market This article has been indexed from www.infosecurity-magazine.com Read the original article: Michigan Man Indicted for Dark Web Credential Fraud

Read more →

Google Cloud’s Key Management Service now features quantum-safe digital signatures to strengthen data integrity and prepare for emerging quantum computing challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Cloud Shields Data With Quantum-Resistant Digital Signatures

Read more →

Telstra found that 75% of cyber incidents impacting manufacturing firms originated from the targeting of IT systems connected to OT environments This article has been indexed from www.infosecurity-magazine.com Read the original article: IT/OT Convergence Fuels Manufacturing Cyber Incidents

Read more →

Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Slam Government After “Disastrous” Apple Encryption Move

Read more →

Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds This article has been indexed from www.infosecurity-magazine.com Read the original article: Bybit Offers $140m Bounty to Recover Funds After Mega Crypto-Heist

Read more →

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider This article has been indexed from www.infosecurity-magazine.com Read the original article: Salt Typhoon Exploited Cisco Devices With Custom…

Read more →

Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting This article has been indexed from www.infosecurity-magazine.com Read the original article: DoD Contractor Pays $11.2M over False Cyber Certifications Claims

Read more →

BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackBasta Ransomware Chatlogs Leaked Online

Read more →

Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols

Read more →

Fake job ads target freelance developers, spreading malware via GitHub This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Target Freelance Developers via GitHub

Read more →

Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Phishing Attacks Surge with 16% of Incidents…

Read more →

A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America This article has been indexed from www.infosecurity-magazine.com Read the original article: West Coast Cybersecurity Salaries Outshine Rest of Country

Read more →

Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 330 Million Credentials Compromised by Infostealers

Read more →

Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

Read more →

CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn of Global Threat from Ghost Ransomware

Read more →

A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugin Vulnerability Exposes 90,000…

Read more →

Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: Finastra Notifies Customers of Data Breach

Read more →

Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian IVF Clinic Suffers Data Breach Following…

Read more →

The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead This article has been indexed from www.infosecurity-magazine.com Read the original article: Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns

Read more →

Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Investor Insight…

Read more →

Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian State Hackers Target Signal to Spy on Ukrainians

Read more →

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of US Military and Defense Credentials Compromised

Read more →

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSH Flaws Expose Systems to Critical Attacks

Read more →

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Mustang Panda Leverages Microsoft Tools to…

Read more →

A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users This article has been indexed from www.infosecurity-magazine.com Read the original article: Evolving Snake Keylogger Variant Targets Windows Users

Read more →

The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackLock On Track to Be 2025’s Most Prolific Ransomware Group

Read more →

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 This article has been indexed from www.infosecurity-magazine.com Read the original article: Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

Read more →

A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Zacks Investment Research Breach Hits 12 Million

Read more →

Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports

Read more →

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Detects New XCSSET MacOS Malware Variant

Read more →

South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korea Suspends Downloads of AI Chatbot DeepSeek

Read more →

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Used as C2…

Read more →

Two Estonian nationals have pleaded guilty to running a cryptocurrency-related Ponzi scheme This article has been indexed from www.infosecurity-magazine.com Read the original article: Estonian Duo Plead Guilty to $577m Crypto Ponzi Scheme

Read more →

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Networks and SonicWall Firewalls Under Attack

Read more →

Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing

Read more →

The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s AI Safety Institute Rebrands Amid Government Strategy Shift

Read more →

Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Espionage Tools Used in Recent Ransomware Attack

Read more →

US agencies have issued a new alert to eliminate buffer overflow vulnerabilities, urging memory-safe programming for secure-by-design software development This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn Against Buffer Overflow Vulnerabilities

Read more →

Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Astaroth Phishing Kit Bypasses 2FA Using Reverse Proxy…

Read more →

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Baiting Losses Surge 40% Annually

Read more →