Tag: www.infosecurity-magazine.com

NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Warns of Significant Limitations in AI/ML Security Mitigations

Read more →

Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration

Read more →

Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Mentions of Malicious AI Tools Spike 200%

Read more →

Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes This article has been indexed from www.infosecurity-magazine.com Read the original article: IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems

Read more →

VanHelsingRaaS, a new ransomware-as-a-service program, infected three victims within two weeks of release, demanding ransoms of $500,000 This article has been indexed from www.infosecurity-magazine.com Read the original article: VanHelsingRaaS Expands Rapidly in Cybercrime Market

Read more →

Ukraine’s national railway company has suffered a “large-scale” cyber-attack, disrupting online services and operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Railway Systems Hit by Targeted Cyber-Attack

Read more →

Authorities in seven African countries have arrested 306 suspects and seized 1842 devices in Operation Red Card This article has been indexed from www.infosecurity-magazine.com Read the original article: Authorities Seize 1842 Devices in Africa’s Cybercrime Crackdown

Read more →

Two years after a data breach that compromised almost seven million customers, 23andMe’s CEO has resigned as the company files for bankruptcy This article has been indexed from www.infosecurity-magazine.com Read the original article: California AG Reminds 23andMe Customers of Data…

Read more →

The UK’s National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys This article has been indexed from www.infosecurity-magazine.com Read the original article: Teen Boys at Risk of Sextortion as 74% Lack Basic…

Read more →

Threat actors are looking to compromise Google accounts to further malvertising and data theft This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Account Hijackers Target Victims Via Semrush Ads

Read more →

Trend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Albabat Ransomware Evolves to Target Linux and macOS

Read more →

A security researcher has observed threat actors exploiting vulnerabilities in a driver used by CheckPoint’s ZoneAlarm antivirus to bypass Windows security measures This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit CheckPoint Antivirus Driver in Malicious…

Read more →

Attackers are exploiting user familiarity with CAPTCHAs to distribute the Lumma Stealer RAT via malicious PowerShell commands, according to HP This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT

Read more →

The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: FishMonger APT Group Linked to I-SOON in Espionage Campaigns

Read more →

Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned This article has been indexed from www.infosecurity-magazine.com Read the original article: Rooted Devices 250 Times More Vulnerable to Compromise

Read more →

Bridewell has released its annual report on critical infrastructure security leaders’ perceived cybersecurity maturity and threats This article has been indexed from www.infosecurity-magazine.com Read the original article: UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

Read more →

February’s Operation Henhouse resulted in hundreds of arrests and the seizure of £7.5m This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Police Arrest 422 in Major Fraud Crackdown

Read more →

The Pennsylvania State Education Association (PSEA) has sent breach notifications to over 500,000 current and former members This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half a Million Hit by Pennsylvania Schools Union Breach

Read more →

New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Sets 2035 Deadline for Post-Quantum…

Read more →

Newly discovered vulnerability ZDI-CAN-25373 takes advantage of Windows shortcuts has been exploited by 11 state-sponsored groups since 2017 This article has been indexed from www.infosecurity-magazine.com Read the original article: Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

Read more →

A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security This article has been indexed from www.infosecurity-magazine.com Read the original article: 752,000 Browser Phishing Attacks Mark…

Read more →

World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings This article has been indexed from www.infosecurity-magazine.com Read the original article: Brian Cox to Discuss Quantum Computing’s…

Read more →

The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Vulnerability Exploited in Ransomware Attack, CISA…

Read more →

Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge

Read more →

Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Gartner Warns Agentic AI Will Accelerate Account Takeovers

Read more →

Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns of “Shadow Alliance” Between States and Criminals

Read more →

A Cato Networks researcher discovered a new LLM jailbreaking technique enabling the creation of password-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers

Read more →

Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw This article has been indexed from www.infosecurity-magazine.com Read the original article: New Report Highlights Common Passwords in RDP Attacks

Read more →

Google is set to acquire Wiz, a cloud security platform founded in 2020, for $32bn in an all-cash deal This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Buys Wiz in $32bn Cloud Security Push

Read more →

Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackBasta Ransomware Ties to Russian Authorities Uncovered

Read more →

Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Read more →

Bitdefender said the malicious app campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store This article has been indexed from www.infosecurity-magazine.com Read the original article: Large-Scale Malicious App Campaign Bypassing Android Security

Read more →

Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains This article has been indexed from www.infosecurity-magazine.com Read the original article: Third of UK Supply Chain Relies on “Chinese Military” Companies

Read more →

Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloudflare Introduces E2E Post-Quantum Cryptography Protections

Read more →

From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child abuse material This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s Online Safety Act: Ofcom Can Now…

Read more →

DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the notorious threat actor This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Confirm BlackLock as Eldorado Rebrand

Read more →

A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public This article has been indexed from www.infosecurity-magazine.com Read the original article: US Legislators Demand Transparency in Apple’s UK…

Read more →

Action Fraud reported a spike in social media and email account hacks in 2024, resulting in losses of nearly £1m This article has been indexed from www.infosecurity-magazine.com Read the original article: £1M Lost as UK Social Media and Email Account…

Read more →

Common Good Cyber has released a new mapping database designed to help NGOs find the security tools they need This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Database Aims to Empower Non-Profits

Read more →

Researchers warn that popular open source software package tj-actions has been compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: Tj-actions Supply Chain Attack Exposes 23,000 Organizations

Read more →

US authorities have extradited Rostislav Panev on charges of being a developer of the notorious LockBit ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Ransomware Developer Extradited to US

Read more →

Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraudsters Impersonate Clop Ransomware to Extort Businesses

Read more →

Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director

Read more →

Volt Typhoon’s ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid This article has been indexed from www.infosecurity-magazine.com Read the original article: Volt Typhoon Accessed US OT Network for Nearly a Year

Read more →

CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure

Read more →

Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: ‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality

Read more →

Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Complexity Puts UK Cybersecurity…

Read more →

VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously This article has been indexed from www.infosecurity-magazine.com Read the original article: VC Investment in Cyber Startups Surges 35%

Read more →

The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data

Read more →

ISACA London Chapter members demand e-voting system investigation over security and privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA London Chapter’s E-Voting System Comes Under Scrutiny

Read more →

In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump Administration Shakes Up…

Read more →

iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users This article has been indexed from www.infosecurity-magazine.com Read the original article: iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability

Read more →

Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report This article has been indexed from www.infosecurity-magazine.com Read the original article: Machine Identities Outnumber Humans Increasing Risk Seven-Fold

Read more →

Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Implant Backdoor Malware on Juniper Routers

Read more →

Microsoft has fixed seven zero-days this Patch Tuesday, including one not currently being actively exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patches a Whopping Seven Zero-Days in March

Read more →

The UK’s cybersecurity sector added thousands of workers and over £1bn in revenue in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cybersecurity Sector Revenue Grows 12% to Top £13bn

Read more →

Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Blind Eagle Targets Colombian Government with Malicious .url Files

Read more →

New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals This article has been indexed from www.infosecurity-magazine.com Read the original article: New York Sues Allstate Over Data Breach and Security…

Read more →

Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year This article has been indexed from www.infosecurity-magazine.com Read the original article: 95% of Data Breaches Tied to Human Error in 2024

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges All Organizations to…

Read more →

More than 14,500 girls from across the UK took part in this year’s CyberFirst Girls competition This article has been indexed from www.infosecurity-magazine.com Read the original article: Record Number of Girls Compete in CyberFirst Contest

Read more →

Pro-Palestine Dark Storm Team group claims responsibility for major DDoS attacks on X This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Blamed as X Suffers Multiple Outages

Read more →

SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: SIM Swapping Fraud Surges in the Middle East

Read more →

A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Surge in Malicious Software Packages Exploits System Flaws

Read more →

The Alan Turing institute urged government and academia to address systemic cultural and structural security barriers in UK AI research This article has been indexed from www.infosecurity-magazine.com Read the original article: UK AI Research Under Threat From Nation-State Hackers

Read more →

Starting April 2025, Swiss critical infrastructure organizations will have to report cyber-attacks to the country’s authorities within 24 hours of discovery This article has been indexed from www.infosecurity-magazine.com Read the original article: Switzerland Mandates Cyber-Attack Reporting for Critical Infrastructure

Read more →

Software developer Davis Lu cost his employer hundreds of thousands after deploying malware that caused crashes and failed logins This article has been indexed from www.infosecurity-magazine.com Read the original article: Texas Developer Convicted After Kill Switch Sabotage Plot

Read more →

Fortra claims the number of unauthorized Cobalt Strike licenses in the wild fell 80% over two years This article has been indexed from www.infosecurity-magazine.com Read the original article: Number of Unauthorized Cobalt Strike Copies Plummets 80%

Read more →

Travelers found that ransomware groups are focusing on targeting weak credentials on VPN and gateway accounts for initial access, marking a shift from 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Groups Favor Repeatable Access…

Read more →

AI-driven cyberattacks are rapidly escalating, with a vast majority of security professionals reporting encounters and anticipating a surge, while struggling with detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Orgs Hit by AI Cyber-Attacks…

Read more →

Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m This article has been indexed from www.infosecurity-magazine.com Read the original article: Medusa Ransomware Claims 40+ Victims…

Read more →

An arbitrary file upload vulnerability in the Chaty Pro plugin has been identified, affecting 18,000 WordPress sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerability in Chaty Pro Plugin Exposes 18,000 WordPress Sites

Read more →

Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Target Japanese Firms with Cobalt Strike

Read more →

Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Targeting Japanese Firms with Cobalt Strike

Read more →

Layoffs and cutbacks have been cited as major factors in a significant drop in job satisfaction among women working in cybersecurity, according to ISC2 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Job Satisfaction Plummets, Women…

Read more →

Enisa identifies six sectors that it says must improve on NIS2 compliance This article has been indexed from www.infosecurity-magazine.com Read the original article: Six Critical Infrastructure Sectors Failing on NIS2 Compliance

Read more →

The DoJ has charged Chinese government and i-Soon employees for a series of for-profit data theft campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Members of Chinese Hacker-for-Hire Group i-Soon

Read more →

Chinese espionage group Silk Typhoon is increasingly exploiting common IT solutions to infiltrate networks and exfiltrate data This article has been indexed from www.infosecurity-magazine.com Read the original article: Silk Typhoon Shifts Tactics to Exploit Common IT Solutions

Read more →

Nonprofits are facing a surge in cyber-attacks as email threats rise 35%, targeting donor data and transactions This article has been indexed from www.infosecurity-magazine.com Read the original article: Nonprofits Face Surge in Cyber-Attacks as Email Threats Rise 35%

Read more →

With Android Scam Detection for messages and calls, Google wants to push scam detection further than traditional spam detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Introduces New AI-Powered Scam Detection Features for Android

Read more →

ISACA identified factors such as heavy workload and long hours as the primary causes of stress, while there has been high turnover of IT professionals in the past two years This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

New SANS Institute research finds that 50% of global organizations were hit by an OT security incident in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of Organizations Report Serious OT Security…

Read more →

GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail This article has been indexed from www.infosecurity-magazine.com Read the original article: Would-be Extortionists Send “BianLian” Ransom Notes in the Mail

Read more →

A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cyber-Espionage Campaign Targets UAE Aviation and Transport

Read more →

Private 5G networks face security risks amid AI adoption and a lack of specialized expertise This article has been indexed from www.infosecurity-magazine.com Read the original article: Private 5G Networks Face Security Risks Amid AI Adoption

Read more →

Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities

Read more →

Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Fake IT Workers Leverage GitHub to Build…

Read more →

Fastly found that organizations have introduced changes such as increasing CISO participation in strategic decisions in response to growing personal liability risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISO Liability Risks Spur Policy Changes at…

Read more →

CISA has added five more CVEs into its known exploited vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws

Read more →

Sumsub research finds European iGaming market is losing billions to fraud each year This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Online Gambling Firms Lose 10% of Revenue to Fraud

Read more →

Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Leverage Microsoft Teams and Quick Assist for Access

Read more →

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Denies Reports of Shift in Cybersecurity Posture Amid…

Read more →

A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Uses Havoc Framework to Control Infected Systems

Read more →

Telecoms provider Vodafone has developed the new proof of concept with IBM, as it seeks to implement post-quantum cryptography ahead of anticipated quantum-based attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Vodafone Trials Quantum-Safe Tech to…

Read more →

The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Launches TikTok Investigation Over Use of Children’s Data

Read more →

Threat actors are exploiting a zero-day bug in Paragon Partition Manager’s BioNTdrv.sys driver during ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

Read more →

Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Attacks Drive Major…

Read more →

In February 2025, Sophos completed the Secureworks deal and SolarWinds went private This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn

Read more →

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report This article has been indexed from www.infosecurity-magazine.com Read the original article: Old Vulnerabilities…

Read more →

A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolific Data Extortion…

Read more →