Tag: www.infosecurity-magazine.com

Microsoft found that Russian state actor Seashell Blizzard has deployed an initial access subgroup to gain persistent access in a range of high-value global targets This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Seashell Blizzard Enlists…

Read more →

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data This article has been indexed from www.infosecurity-magazine.com Read the original article: EFF Leads Fight Against DOGE and…

Read more →

SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Targets Crypto Devs Through NPM Packages

Read more →

Romance scams cost Americans $697.3m in 2024, with crypto fraud schemes on the rise This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Scams Cost Americans $697.3M Last Year

Read more →

NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring This article has been indexed from www.infosecurity-magazine.com Read the original article: CHERI Security Hardware Program Essential to UK Security, Says…

Read more →

Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records

Read more →

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Detection Tech Failing,…

Read more →

The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: US, UK and Australia Sanction Russian Bulletproof Hoster Zservers

Read more →

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Another Two Actively Exploited Zero-Days

Read more →

An Alabama man has admitted hacking into the US Security and Exchange Commission’s X account using SIM swap fraud to gain access This article has been indexed from www.infosecurity-magazine.com Read the original article: Alabama Hacker Admits Role in SEC X…

Read more →

Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Attack Volume and Magnitude Continues to…

Read more →

Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks This article has been indexed from www.infosecurity-magazine.com Read the original article: New Chinese Hacking Campaign Targets…

Read more →

Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks

Read more →

Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: 8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand

Read more →

Apple has patched a zero-day vulnerability being exploited in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

Read more →

Kela researchers explain that infostealers are to blame for compromised OpenAI logins This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenAI Was Not Breached, Say Researchers

Read more →

Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects This article has been indexed from www.infosecurity-magazine.com Read the original article: BadIIS Malware Exploits IIS Servers for SEO Fraud

Read more →

A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies This article has been indexed from www.infosecurity-magazine.com Read the original article: US: Man Gets 20 Years for $37m Crypto Heist

Read more →

Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November This article has been indexed from www.infosecurity-magazine.com Read the original article: Georgia Hospital Alerts 120,000 Individuals of…

Read more →

The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Military Fast-Tracks Cybersecurity Recruitment

Read more →

Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Dismayed at UK’s Apple Decryption Demands

Read more →

Europol has urged the financial sector to prioritize quantum-safe cryptography This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns Financial Sector of “Imminent” Quantum Threat

Read more →

27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting This article has been indexed from www.infosecurity-magazine.com Read the original article: Most UK GDPR Enforcement Actions Targeted Public Sector in 2024

Read more →

The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious AI Models on Hugging Face Exploit Novel Attack Technique

Read more →

Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Risk Management…

Read more →

Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Weaponize Graphics Files in Phishing Attacks

Read more →

US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Cracks Down on Global Child Abuse Network “The Com”

Read more →

Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress ASE Plugin Vulnerability Threatens Site Security

Read more →

A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam

Read more →

This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events This article has been indexed from www.infosecurity-magazine.com Read the original article: New UK Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks

Read more →

The UK’s National Cyber Security Centre has published a new set of resources for startups and researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Issues Guidance to Protect UK Research and Innovation

Read more →

Spain’s National Police force has arrested a suspected data thief who targeted government and military victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Spanish Police Arrest Suspected NATO and US Army Hacker

Read more →

A new phishing attack by UAC-0006 has been discovered targeting PrivatBank with malicious files in password-protected archives to evade detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank

Read more →

Chainalysis found that ransomware payments fell significantly year-over-year despite a recorded increase in the number of ransomware events in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Payments Decline 35% as Victims Resist Demands

Read more →

Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Malware Targeting Indian Banks Exposes 50,000 Users

Read more →

The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Launch Guidance to Improve Edge Device Security

Read more →

Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks This article has been indexed from www.infosecurity-magazine.com Read the original article: Destructive Attacks on Financial Institutions Surge

Read more →

Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development

Read more →

Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks This article has been indexed from www.infosecurity-magazine.com Read the original article: Destructive Attacks on Financial Institutions Surge 13%

Read more →

DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks This article has been indexed from www.infosecurity-magazine.com Read the original article: DaggerFly-Linked Linux Malware Targets Network Appliances

Read more →

Picus Security reports infostealer surge after revealing credentials appear in 29% of malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Threefold Increase in Malware Targeting Credential Stores

Read more →

A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

Read more →

Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets This article has been indexed from www.infosecurity-magazine.com Read the original article: Surge in Infostealer Attacks Threatens EMEA Organizations’ Data Security

Read more →

Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals This article has been indexed from www.infosecurity-magazine.com Read the original article: Texas to Establish Cyber Command Amid “Dramatic” Rise in…

Read more →

Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s This article has been indexed from www.infosecurity-magazine.com Read the original article: Casio and Others Hit by Magento Web Skimmer Campaign

Read more →

CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Warns of Backdoor Vulnerability in Contec Patient…

Read more →

Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes This article has been indexed from www.infosecurity-magazine.com Read the original article: High-profile X Accounts Targeted in Phishing Campaign

Read more →

VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 768 CVEs Exploited in the Wild…

Read more →

A new Europol report warns of major challenges accessing and analyzing data for cybercrime investigations This article has been indexed from www.infosecurity-magazine.com Read the original article: European Police: Data Volumes and Deletion Hindering Investigations

Read more →

The UK government has launched a new AI security code of practice it believes will become an ETSI standard This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Announces “World-First” AI Security Standard

Read more →

Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Target…

Read more →

The Indian tech giant temporarily suspended some of its IT services, which have now been restored This article has been indexed from www.infosecurity-magazine.com Read the original article: Tata Technologies Hit by Ransomware Attack

Read more →

Cyber reports exposed major security flaws in DeepSeek’s R1 LLM This article has been indexed from www.infosecurity-magazine.com Read the original article: DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities

Read more →

A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services This article has been indexed from www.infosecurity-magazine.com Read the original article: International Operation Dismantles Cracked and Nulled Cybercrime Hubs

Read more →

Google Play blocked 2.36 million policy-violating apps and banned 158,000 harmful developer accounts in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Blocked 2.36 Million Policy-Violating Apps

Read more →

HTTP client tools used to compromise Microsoft 365 environments with 78% of tenants targeted in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Increase Use of HTTP Clients for Account Takeovers

Read more →

SquareX researchers warn that browser syncjacking could lead to full browser and device hijacking This article has been indexed from www.infosecurity-magazine.com Read the original article: Syncjacking Attack Enables Full Browser and Device Takeover

Read more →

Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history This article has been indexed from www.infosecurity-magazine.com Read the original article: DeepSeek Exposed Database Leaks Sensitive Data

Read more →

New York Blood Center Enterprises revealed that it has been hit by a ransomware attack, disrupting activities and blood drives at its centers across the country This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Disrupts…

Read more →

UK organizations are significantly increasing cybersecurity budgets, with a projected 31% growth in the next year This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Organizations Boosting Cybersecurity Budgets

Read more →

The UK’s National Cyber Security Centre has released a new paper making it easier to assess if a flaw is “unforgivable” This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Calls on Vendors to Eradicate “Unforgivable” Vulnerabilities

Read more →

AI-related API vulnerabilities surged 1,205% in 2024, with 99% tied to API flaws, according to a new report by Wallarm This article has been indexed from www.infosecurity-magazine.com Read the original article: AI Surge Drives Record 1205% Increase in API Vulnerabilities

Read more →

Google highlighted significant abuse of its Gemini LLM tool by nation state actors to support malicious activities, including research and malware development This article has been indexed from www.infosecurity-magazine.com Read the original article: Nation-State Hackers Abuse Gemini AI Tool

Read more →

Cato Networks highlighted how the recently emerged HellCat ransomware group is using novel psychological tactics to court attention and pressurize victims This article has been indexed from www.infosecurity-magazine.com Read the original article: New Hellcat Ransomware Gang Employs Humiliation Tactics

Read more →

Cybercriminals exploit government websites using open redirects and phishing tactics, bypassing secure email gateway protections This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Exploit Government Websites for Phishing

Read more →

ReliaQuest warns threat actor innovation and infostealer activity helped to accelerate breakout time by 22% in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Breakout Time Accelerates 22% as Cyber-Attacks Speed Up

Read more →

Government agencies and privacy watchdogs have started investigating the Chinese AI chatbot provider over data privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese GenAI Startup DeepSeek Sparks Global Privacy Debate

Read more →

The National Audit Office warns of major gaps in cyber resilience across UK government departments This article has been indexed from www.infosecurity-magazine.com Read the original article: Scores of Critical UK Government IT Systems Have Major Security Holes

Read more →

Energy contractor ENGlobal reported that sensitive personal data was stolen by threat actors, with the incident disrupting operations for six weeks This article has been indexed from www.infosecurity-magazine.com Read the original article: ENGlobal Cyber-Attack Exposes Sensitive Data

Read more →

Group-IB researchers have exposed the highly organized affiliate platform and sophisticated operations of the Lynx Ransomware-as-a-Service group This article has been indexed from www.infosecurity-magazine.com Read the original article: Lynx Ransomware Group Unveiled with Sophisticated Affiliate Program

Read more →

A Ponemon Institute survey highlighted the growing impact of ransomware attacks on victims’ revenue and reputation This article has been indexed from www.infosecurity-magazine.com Read the original article: 58% of Ransomware Victims Forced to Shut Down Operations

Read more →

An API supply-chain attack affecting a popular online travel booking service put millions of airline users at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: API Supply Chain Attacks Put Millions of Airline Users at Risk

Read more →

The number of data breach victims increased 312% annually to exceed 1.7 billion in 2024, according to the ITRC 2024 Annual Data Breach Report This article has been indexed from www.infosecurity-magazine.com Read the original article: Mega Data Breaches Push US…

Read more →

The three Russian hackers are believed to be part of Unit 29155 of the GRU, also known as Cadet Blizzard, Ember Bear and Ruinous Ursa This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Sanctions Three Russians…

Read more →

Three men have been sentenced after pleading guilty to running an account hijacking service for fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: British Vishing-as-a-Service Trio Sentenced

Read more →

A new phishing tactic has been identified by Cisco Talos, using hidden text salting to evade email security measures This article has been indexed from www.infosecurity-magazine.com Read the original article: Hidden Text Salting Disrupts Brand Name Detection Systems

Read more →

Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations’ security measures not set up to deal with these attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: SaaS Breaches…

Read more →

A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: New Phishing Campaign Targets Mobile Devices with Malicious PDFs

Read more →

74% of CISOs plan to increase their cyber crisis simulation budgets in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks

Read more →

A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars This article has been indexed from www.infosecurity-magazine.com Read the original article: Subaru Bug Enabled Remote Vehicle Tracking and Hijacking

Read more →

Change Healthcare has claimed 190 million customers were affected by a mega-breach last year This article has been indexed from www.infosecurity-magazine.com Read the original article: Change Healthcare Breach Almost Doubles in Size to 190 Million Victims

Read more →

Amazon Web Services has launched its Cyber Education Grant Program in the UK This article has been indexed from www.infosecurity-magazine.com Read the original article: AWS Announces £5m Grant for Cyber Education in the UK

Read more →

Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Scammers Target Crypto Influencers with Infostealers

Read more →

A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean IT Workers Holding Data Hostage…

Read more →

SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gangs Linked by Shared Code and Ransom Notes

Read more →

Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment This article has been indexed from www.infosecurity-magazine.com Read the original article: Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances

Read more →

Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud

Read more →

Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ This article has been indexed from www.infosecurity-magazine.com Read the original article: CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

Read more →

The network equipment giant urged customers to patch immediately This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Fixes Critical Vulnerability in Meeting Management

Read more →

Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security This article has been indexed from www.infosecurity-magazine.com Read the original article: New GhostGPT AI Chatbot Facilitates…

Read more →

President Trump has pardoned the founder of original dark web marketplace Silk Road This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump Pardons Silk Road Founder Ulbricht

Read more →

Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA This article has been indexed from www.infosecurity-magazine.com Read the original article: Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures

Read more →

PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: PlushDaemon APT Targeted South Korean VPN Software

Read more →

New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years This article has been indexed from www.infosecurity-magazine.com Read the original article: 73% of UK Education Sector Hit by…

Read more →

NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Surge to Record High in December 2024

Read more →

Cyble has found thousands of security vendors’ credentials on the dark web, likely pulled from infostealer logs This article has been indexed from www.infosecurity-magazine.com Read the original article: Major Cybersecurity Vendors’ Credentials Found on Dark Web

Read more →

Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Account Compromise and Phishing Top Healthcare Security Incidents

Read more →

Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack

Read more →

Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally This article has been indexed from www.infosecurity-magazine.com Read the original article: New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers

Read more →

Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s…

Read more →