Tag: www.infosecurity-magazine.com

Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft This article has been indexed from www.infosecurity-magazine.com Read the original article: Turkey-Aligned Hackers Targeted Iraq-Based…

Read more →

Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities This article has been indexed from www.infosecurity-magazine.com Read the original article: DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

Read more →

CISA won’t post standard cybersecurity updates on its website, shifting to email and social media This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Shifts Alert Distribution Strategy to Email, Social Media

Read more →

M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Confirms Customer Data…

Read more →

ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive This article has been indexed from www.infosecurity-magazine.com Read the original article: European Vulnerability Database Launches Amid US CVE Chaos

Read more →

The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Considers New Enterprise IoT Security Law

Read more →

Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

Read more →

During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks

Read more →

The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet This article has been indexed from www.infosecurity-magazine.com Read the original article: Criminal Proxy Network Infects Thousands of IoT Devices

Read more →

She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Launches Free Entry-Level Cyber Training Program

Read more →

A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022 This article has been indexed from www.infosecurity-magazine.com Read the original article: FreeDrain Phishing Scam Drains Crypto Hobbyists’ Wallets

Read more →

Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market This article has been indexed from www.infosecurity-magazine.com Read the original article: Japanese Account Hijackers Make $2bn+ of Illegal Trades

Read more →

Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter “eXch” Money Laundering Service

Read more →

The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Deploys On-Device AI to Thwart Scams on Chrome and Android

Read more →

The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter This article has been indexed from www.infosecurity-magazine.com Read the original article: UN Launches New Cyber-Attack Assessment Framework

Read more →

The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers

Read more →

Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action This article has been indexed from www.infosecurity-magazine.com Read the original article: US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats

Read more →

PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted This article has been indexed from www.infosecurity-magazine.com Read the original article: PowerSchool Admits Ransom…

Read more →

New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Group Launches LOSTKEYS Malware in Attacks

Read more →

The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Ransomware Hacked, Insider Secrets Exposed

Read more →

DigiCert survey finds only 5% of global businesses are using post-quantum cryptography This article has been indexed from www.infosecurity-magazine.com Read the original article: Just 5% of Enterprises Have Deployed Quantum-Safe Encryption

Read more →

The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Essentials Certification Numbers Falling Short

Read more →

The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Launches New Cybersecurity Assessment Initiatives to Drive Secure…

Read more →

Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch This article has been indexed from www.infosecurity-magazine.com Read the original article: Confusion Reigns as Threat Actors Exploit Samsung MagicInfo Flaw

Read more →

Organizations can start defending against deepfakes now, before efficient detectors are available This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: Combating Deepfake Threats at the Age of AI Agents

Read more →

Security researchers at Aon have discovered a threat actor who bypassed SentinelOne EDR protection to deploy Babuk ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacker Finds New Technique to Bypass SentinelOne EDR Solution

Read more →

Inferno Drainer returns, stealing millions from crypto wallets through phishing on Discord This article has been indexed from www.infosecurity-magazine.com Read the original article: Inferno Drainer Returns, Stealing Millions from Crypto Wallets

Read more →

NCSC CEO Richard Horne said the cyber agency has managed twice as many nationally significant cyber incidents in the period from September 2024 to May 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: “Nationally Significant” Cyber-Attacks…

Read more →

A prolific DDoS-for-hire network has been dismantled by Polish authorities as part of a coordinated international crackdown This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS-for-Hire Network Dismantled in International Operation

Read more →

The Israeli spyware maker must pay $444,719 in compensatory damages to Meta and $167.25m in punitive damages This article has been indexed from www.infosecurity-magazine.com Read the original article: NSO Group Hit with $168m Fine for WhatsApp Pegasus Spyware Abuse

Read more →

The UK government has announced that it will be replace its current SMS verification system with passkeys by the end of 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Passkeys Set to Protect GOV.UK Accounts Against…

Read more →

Marsh says ransomware drove cyber insurance claims to second highest on record in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Insurance Claims Second Highest on Record

Read more →

UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Warns Retail Attacks Must Serve…

Read more →

Half of UK firms have over 10 cyber positions unfilled, according to Cisco This article has been indexed from www.infosecurity-magazine.com Read the original article: Talent Shortages Bite as 80% of UK Firms Hit with AI Threats

Read more →

The Alvin Independent School District in Texas has notified over 47,000 individuals affected by a data breach exposing sensitive personal information This article has been indexed from www.infosecurity-magazine.com Read the original article: Texas School District Notifies Over 47,000 People of…

Read more →

Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: Smishing Triad Upgrades Tools and Tactics for Global Attacks

Read more →

Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers This article has been indexed from www.infosecurity-magazine.com Read the original article: Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks

Read more →

Prolific PhaaS operation Darcula uses Magic Cat software to steal over 800,000 cards in a seven-month period This article has been indexed from www.infosecurity-magazine.com Read the original article: Darcula Phishing as a Service Operation Snares 800,000+ Victims

Read more →

The National Cyber Security Centre has published advice for retailers while the Co-op admits customer data was stolen This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s NCSC Offers Security Tips as Co-op Confirms Data Loss

Read more →

Ireland’s data protection watchdog accuses the Chinese social media giant of violating GDPR with transfers of European users’ data to China This article has been indexed from www.infosecurity-magazine.com Read the original article: TikTok Fined €530m Over Transfers of European User…

Read more →

Comparitech observed a significant decline in ransomware attacks in April, partly as a result of the RansomHub gang “going dark” This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Fall in April Amid RansomHub Outage

Read more →

The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Confirms Exploitation of SonicWall Vulnerabilities

Read more →

NSC’s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory” This article has been indexed from www.infosecurity-magazine.com Read the original article: White House Warns China of Cyber Retaliation Over Infrastructure…

Read more →

FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords This article has been indexed from www.infosecurity-magazine.com Read the original article: Third of Online Users Hit by Account Hacks Due to Weak Passwords

Read more →

UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Harrods Latest UK…

Read more →

Anthropic has found its Claude chatbot is being used for automated political messaging, enabling AI-driven influence campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Claude Chatbot Used for Automated Political Messaging

Read more →

Concerned about the fate of sensitive genetic information, the ICO and OPC have demanded that 23andMe prioritize customer data protection throughout its bankruptcy process This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and Canadian Regulators Demand…

Read more →

A large-scale phishing campaign using DarkWatchman and Sheriff malware has been observed targeting companies in Russia and Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Large-Scale Phishing Campaigns Target Russia and Ukraine

Read more →

Bitdefender highlighted the growing use of subscription scams, in which victims are lured by adverts into recurring payments for fake products This article has been indexed from www.infosecurity-magazine.com Read the original article: Mystery Box Scams Deployed to Steal Credit Card…

Read more →

Alongside its new Meta AI app, Facebook’s parent company launched several new products to help secure open-source AI applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Unveils New Advances in AI Security and Privacy Protection

Read more →

The ICO has decided not to fine the British Library for a 2023 ransomware breach This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO: No Further Action on British Library Ransomware Breach

Read more →

The FBI has released details of 42,000 phishing domains associated with the LabHost operation, in order to help the security community This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Publishes 42,000 LabHost Phishing Domains

Read more →

The impact of the advancement in quantum computing on cybersecurity will be a key focus at this year’s Infosecurity Europe event This article has been indexed from www.infosecurity-magazine.com Read the original article: #Infosec2025: How Advances in Quantum Computing Could Reshape…

Read more →

RansomHub refines extortion strategy amid RaaS market fractures, expanding affiliate recruitment This article has been indexed from www.infosecurity-magazine.com Read the original article: RansomHub Refines Extortion Strategy as RaaS Market Fractures

Read more →

Microsoft has announced plans to expand cloud and AI infrastructure in the EU, increasing data center capacity by 40% by 2027 This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Expands Cloud, AI Footprint Across Europe

Read more →

The Co-op stores, quick commerce operations and funeral homes are trading as usual This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Retailer Co-op Confirms Hack, Reports “Small Impact” to Its Systems

Read more →

Kristi Noem said the Trump administration is introducing reforms to ensure CISA is focusing on the core security functions it was created for This article has been indexed from www.infosecurity-magazine.com Read the original article: DHS Head Accuses CISA of Acting…

Read more →

The legislation mandates a probe into foreign-made routers to identify risks for US national security This article has been indexed from www.infosecurity-magazine.com Read the original article: US House Approves Bill to Assess Security Threats Posed by Foreign-Made Routers

Read more →

JPMorgan’s CISO has argued that SaaS apps represent a growing risk to businesses, “quietly enabling cyber attackers” This article has been indexed from www.infosecurity-magazine.com Read the original article: JPMorgan CISO Urges SaaS Security Reset

Read more →

The French government has criticized Russia’s APT28 group for attacking 12 entities in a long-running espionage campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: France Slams Russia’s APT28 for Four-Year Cyber-Espionage Campaign

Read more →

New WordPress malware disguised as a plugin gives attackers persistent access and injects malicious code enabling administrative control This article has been indexed from www.infosecurity-magazine.com Read the original article: New WordPress Malware Masquerades as Plugin

Read more →

A new ransomware campaign is automating LockBit deployment via the Phorpiex botnet, according to Cybereason This article has been indexed from www.infosecurity-magazine.com Read the original article: Phorpiex Botnet Delivers LockBit Ransomware with Automated Tactics

Read more →

Administrators of a Telegram channel named CoderSharp have been advertising Gremlin Stealer since March 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: New Gremlin Infostealer Distributed on Telegram

Read more →

Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Harvest Over 30,000 Australian Banking Credentials

Read more →

Google claims 19% more zero-day bugs were exploited in 2024 than 2022 as threat actors focus on security products This article has been indexed from www.infosecurity-magazine.com Read the original article: Zero-Day Exploitation Figure Surges 19% in Two Years

Read more →

Europol has launched a new initiative designed to combat recruitment of youngsters into violent organized crime groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Creates “Violence-as-a-Service” Taskforce

Read more →

Members of the World Uyghur Congress living in exile were targeted with a spear phishing campaign deploying surveillance malware, according to the Citizen Lab This article has been indexed from www.infosecurity-magazine.com Read the original article: Uyghur Diaspora Group Targeted with…

Read more →

50% of mobile devices run outdated operating systems, increasing vulnerability to cyber-attacks, according to the latest report from Zimperium This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Mobile Devices Run Outdated Operating Systems

Read more →

According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Note 16.7% Increase in Automated Scanning Activity

Read more →

An ISACA survey found that just 5% of organizations have a defined strategy to defend against quantum-enabled threats This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies

Read more →

The US authorities have asked the public to help them unmask China’s Salt Typhoon threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Asks for Help Tracking Chinese Salt Typhoon Actors

Read more →

The UK government says it will ban the possession or supply of SIM farms, in a fraud crackdown This article has been indexed from www.infosecurity-magazine.com Read the original article: Government Set to Ban SIM Farms in European First

Read more →

Increased law enforcement pressure has forced ransomware groups like DragonForce and Anubis to move away from traditional affiliate models This article has been indexed from www.infosecurity-magazine.com Read the original article: Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

Read more →

A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP Fixes Critical Vulnerability After Evidence of Exploitation

Read more →

British retailer M&S continues to tackle a cyber incident with online orders now paused for customers This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S Shuts Down Online Orders Amid Ongoing Cyber Incident

Read more →

Researchers have found a Chrome extension that can act on the user’s behalf by using a popular AI agent orchestration protocol This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Experts Flag Chrome Extension Using AI Engine…

Read more →

Panaseer’s latest cybersecurity study revealed that US companies have paid $155M in data breach lawsuit settlements over just six months This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Lawsuits Total $155M Amid Cybersecurity Failures

Read more →

Backslash Security found that naïve prompts resulted in code vulnerable to at least four of the of the 10 most common vulnerabilities across popular LLMs This article has been indexed from www.infosecurity-magazine.com Read the original article: Popular LLMs Found to…

Read more →

ELENOR-corp ransomware, a new version of Mimic, is targeting healthcare organizations using advanced capabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: ELENOR-corp Ransomware Targets Healthcare Sector

Read more →

A misconfigured tracking tool has exposed protected health information of 4.7 million Blue Shield members to Google Ads This article has been indexed from www.infosecurity-magazine.com Read the original article: Blue Shield of California Data Breach Affects 4.7 Million Members

Read more →

A critical path traversal vulnerability in Commvault’s backup and replication solutions has been reported This article has been indexed from www.infosecurity-magazine.com Read the original article: Highest-Risk Security Flaw Found in Commvault Backup Solutions

Read more →

While the Verizon annual report showed that ransomware is rising, it also found that ransom payments are in decline This article has been indexed from www.infosecurity-magazine.com Read the original article: Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks

Read more →

NCC Group found that ransomware attacks fell by 32% in March compared to February, but described this finding as a “red herring” This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attacks Fall Sharply in March

Read more →

ETSI’s says new technical specification for securing AI models and systems sets international benchmark This article has been indexed from www.infosecurity-magazine.com Read the original article: ETSI Unveils New Baseline Requirements for Securing AI

Read more →

Ofcom’s Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms This article has been indexed from www.infosecurity-magazine.com Read the original article: Ofcom Lays Down the Law with Child Safety Rules for Tech Giants

Read more →

After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches This article has been indexed from www.infosecurity-magazine.com Read the original article: Verizon’s DBIR Reveals 34% Jump in Vulnerability…

Read more →

The FBI found that cybercrime losses climbed by 33% compared to 2023, driven by tactics like investment fraud and BEC This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

Read more →

Mandiant’s M-Trends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors

Read more →

Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services This article has been indexed from www.infosecurity-magazine.com Read the original article: M&S…

Read more →

The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26% annually This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Victim Count Surges 26% Annually

Read more →

Dutch intelligence report warns of growing Russian aggression with hybrid warfare This article has been indexed from www.infosecurity-magazine.com Read the original article: Dutch Warn of “Whole of Society” Russian Cyber-Threat

Read more →

Barclays found that romance scam victims lost £8000 on average in 2024, a significant increase from the previous year This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Romance Scams Spike 20% as Online Dating Grows

Read more →

The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among…

Read more →

A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs This article has been indexed from www.infosecurity-magazine.com Read the original article: SuperCard X Enables Contactless ATM Fraud in Real-Time

Read more →

Billbug, a China-linked espionage group, has been observed targeting critical sectors in Southeast Asia with new tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Billbug Espionage Group Deploys New Tools in Southeast Asia

Read more →

Darktrace and Cado said the new campaign highlights a shift towards alternative methods of mining cryptocurrencies This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cryptojacking Malware Targets Docker with Novel Mining Technique

Read more →

Security firm Human lifts the lid on prolific new ad fraud scheme dubbed “scallywag” This article has been indexed from www.infosecurity-magazine.com Read the original article: Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily

Read more →

The UN has warned that Southeast Asian fraud groups are expanding their operations This article has been indexed from www.infosecurity-magazine.com Read the original article: $40bn Southeast Asian Scam Sector Growing “Like a Cancer”

Read more →

Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point This article has been indexed from www.infosecurity-magazine.com Read the original article: Midnight Blizzard Targets European Diplomats…

Read more →

An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: NTLM Hash Exploit Targets Poland and Romania Days…

Read more →