Tag: www.infosecurity-magazine.com

DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen

Read more →

Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn This article has been indexed from www.infosecurity-magazine.com Read the original article: Winos 4.0 Malware Targets Taiwan With Email Impersonation

Read more →

Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code This article has been indexed from www.infosecurity-magazine.com Read the original article: Software Vulnerabilities Take Almost Nine Months to Patch

Read more →

In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

Read more →

OpenSSF has released new baseline security best practices to improve open source software quality This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSF Publishes Security Framework for Open Source Software

Read more →

FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Confirms North Korea’s Lazarus Group as Bybit Crypto Hackers

Read more →

99% of organizations report API-related security issues, highlighting risks from API growth This article has been indexed from www.infosecurity-magazine.com Read the original article: 99% of Organizations Report API-Related Security Issues

Read more →

DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info This article has been indexed from www.infosecurity-magazine.com Read the original article: DISA Global Solutions Confirms Data Breach Affecting 3.3M People

Read more →

Meredith Whittaker, Signal’s CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law This article has been indexed from www.infosecurity-magazine.com Read the original article: Signal May Exit Sweden If Government…

Read more →

IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gang Publishes Stolen Genea IVF…

Read more →

HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

Read more →

Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Geopolitical Tension Fuels APT and Hacktivism Surge

Read more →

61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: 61% of Hackers Use New Exploit Code Within 48 Hours of Attack

Read more →

Ghostwriter cyber-attack targets Ukrainian, Belarusian opposition using weaponized Excel documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition

Read more →

Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks

Read more →

ReliaQuest claims 80% of ransomware attacks now focus solely on exfiltrating data as it is faster This article has been indexed from www.infosecurity-magazine.com Read the original article: Only a Fifth of Ransomware Attacks Now Encrypt Data

Read more →

SecurityScorecard revealed that the large-scale password spraying campaign can bypass MFA and security access policies by utilizing Non-interactive sign-ins This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

Read more →

New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Quarter of Brits Report Deepfake Phone Scams

Read more →

Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts This article has been indexed from www.infosecurity-magazine.com Read the original article: Essential Addons for Elementor XSS Vulnerability Discovered

Read more →

Michigan man indicted for dark web credential fraud, purchased 2,500 logins from Genesis Market This article has been indexed from www.infosecurity-magazine.com Read the original article: Michigan Man Indicted for Dark Web Credential Fraud

Read more →

Google Cloud’s Key Management Service now features quantum-safe digital signatures to strengthen data integrity and prepare for emerging quantum computing challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Cloud Shields Data With Quantum-Resistant Digital Signatures

Read more →

Telstra found that 75% of cyber incidents impacting manufacturing firms originated from the targeting of IT systems connected to OT environments This article has been indexed from www.infosecurity-magazine.com Read the original article: IT/OT Convergence Fuels Manufacturing Cyber Incidents

Read more →

Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Slam Government After “Disastrous” Apple Encryption Move

Read more →

Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds This article has been indexed from www.infosecurity-magazine.com Read the original article: Bybit Offers $140m Bounty to Recover Funds After Mega Crypto-Heist

Read more →

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider This article has been indexed from www.infosecurity-magazine.com Read the original article: Salt Typhoon Exploited Cisco Devices With Custom…

Read more →

Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting This article has been indexed from www.infosecurity-magazine.com Read the original article: DoD Contractor Pays $11.2M over False Cyber Certifications Claims

Read more →

BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackBasta Ransomware Chatlogs Leaked Online

Read more →

Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols

Read more →

Fake job ads target freelance developers, spreading malware via GitHub This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Target Freelance Developers via GitHub

Read more →

Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Phishing Attacks Surge with 16% of Incidents…

Read more →

A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America This article has been indexed from www.infosecurity-magazine.com Read the original article: West Coast Cybersecurity Salaries Outshine Rest of Country

Read more →

Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 330 Million Credentials Compromised by Infostealers

Read more →

Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

Read more →

CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn of Global Threat from Ghost Ransomware

Read more →

A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugin Vulnerability Exposes 90,000…

Read more →

Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: Finastra Notifies Customers of Data Breach

Read more →

Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian IVF Clinic Suffers Data Breach Following…

Read more →

The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead This article has been indexed from www.infosecurity-magazine.com Read the original article: Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns

Read more →

Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Investor Insight…

Read more →

Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian State Hackers Target Signal to Spy on Ukrainians

Read more →

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of US Military and Defense Credentials Compromised

Read more →

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSH Flaws Expose Systems to Critical Attacks

Read more →

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Mustang Panda Leverages Microsoft Tools to…

Read more →

A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users This article has been indexed from www.infosecurity-magazine.com Read the original article: Evolving Snake Keylogger Variant Targets Windows Users

Read more →

The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackLock On Track to Be 2025’s Most Prolific Ransomware Group

Read more →

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 This article has been indexed from www.infosecurity-magazine.com Read the original article: Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

Read more →

A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Zacks Investment Research Breach Hits 12 Million

Read more →

Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports

Read more →

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Detects New XCSSET MacOS Malware Variant

Read more →

South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korea Suspends Downloads of AI Chatbot DeepSeek

Read more →

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Used as C2…

Read more →

Two Estonian nationals have pleaded guilty to running a cryptocurrency-related Ponzi scheme This article has been indexed from www.infosecurity-magazine.com Read the original article: Estonian Duo Plead Guilty to $577m Crypto Ponzi Scheme

Read more →

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Networks and SonicWall Firewalls Under Attack

Read more →

Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing

Read more →

The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s AI Safety Institute Rebrands Amid Government Strategy Shift

Read more →

Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Espionage Tools Used in Recent Ransomware Attack

Read more →

US agencies have issued a new alert to eliminate buffer overflow vulnerabilities, urging memory-safe programming for secure-by-design software development This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn Against Buffer Overflow Vulnerabilities

Read more →

Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Astaroth Phishing Kit Bypasses 2FA Using Reverse Proxy…

Read more →

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Baiting Losses Surge 40% Annually

Read more →

Microsoft found that Russian state actor Seashell Blizzard has deployed an initial access subgroup to gain persistent access in a range of high-value global targets This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Seashell Blizzard Enlists…

Read more →

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data This article has been indexed from www.infosecurity-magazine.com Read the original article: EFF Leads Fight Against DOGE and…

Read more →

SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Targets Crypto Devs Through NPM Packages

Read more →

Romance scams cost Americans $697.3m in 2024, with crypto fraud schemes on the rise This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Scams Cost Americans $697.3M Last Year

Read more →

NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring This article has been indexed from www.infosecurity-magazine.com Read the original article: CHERI Security Hardware Program Essential to UK Security, Says…

Read more →

Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records

Read more →

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Detection Tech Failing,…

Read more →

The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: US, UK and Australia Sanction Russian Bulletproof Hoster Zservers

Read more →

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Another Two Actively Exploited Zero-Days

Read more →

An Alabama man has admitted hacking into the US Security and Exchange Commission’s X account using SIM swap fraud to gain access This article has been indexed from www.infosecurity-magazine.com Read the original article: Alabama Hacker Admits Role in SEC X…

Read more →

Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Attack Volume and Magnitude Continues to…

Read more →

Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks This article has been indexed from www.infosecurity-magazine.com Read the original article: New Chinese Hacking Campaign Targets…

Read more →

Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks

Read more →

Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: 8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand

Read more →

Apple has patched a zero-day vulnerability being exploited in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

Read more →

Kela researchers explain that infostealers are to blame for compromised OpenAI logins This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenAI Was Not Breached, Say Researchers

Read more →

Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects This article has been indexed from www.infosecurity-magazine.com Read the original article: BadIIS Malware Exploits IIS Servers for SEO Fraud

Read more →

A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies This article has been indexed from www.infosecurity-magazine.com Read the original article: US: Man Gets 20 Years for $37m Crypto Heist

Read more →

Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November This article has been indexed from www.infosecurity-magazine.com Read the original article: Georgia Hospital Alerts 120,000 Individuals of…

Read more →

The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Military Fast-Tracks Cybersecurity Recruitment

Read more →

Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Dismayed at UK’s Apple Decryption Demands

Read more →

Europol has urged the financial sector to prioritize quantum-safe cryptography This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns Financial Sector of “Imminent” Quantum Threat

Read more →

27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting This article has been indexed from www.infosecurity-magazine.com Read the original article: Most UK GDPR Enforcement Actions Targeted Public Sector in 2024

Read more →

The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious AI Models on Hugging Face Exploit Novel Attack Technique

Read more →

Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Risk Management…

Read more →

Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Weaponize Graphics Files in Phishing Attacks

Read more →

US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Cracks Down on Global Child Abuse Network “The Com”

Read more →

Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress ASE Plugin Vulnerability Threatens Site Security

Read more →

A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam

Read more →

This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events This article has been indexed from www.infosecurity-magazine.com Read the original article: New UK Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks

Read more →

The UK’s National Cyber Security Centre has published a new set of resources for startups and researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Issues Guidance to Protect UK Research and Innovation

Read more →

Spain’s National Police force has arrested a suspected data thief who targeted government and military victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Spanish Police Arrest Suspected NATO and US Army Hacker

Read more →

A new phishing attack by UAC-0006 has been discovered targeting PrivatBank with malicious files in password-protected archives to evade detection This article has been indexed from www.infosecurity-magazine.com Read the original article: Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank

Read more →

Chainalysis found that ransomware payments fell significantly year-over-year despite a recorded increase in the number of ransomware events in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Payments Decline 35% as Victims Resist Demands

Read more →

Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Malware Targeting Indian Banks Exposes 50,000 Users

Read more →

The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Launch Guidance to Improve Edge Device Security

Read more →

Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks This article has been indexed from www.infosecurity-magazine.com Read the original article: Destructive Attacks on Financial Institutions Surge

Read more →

Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development

Read more →

Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks This article has been indexed from www.infosecurity-magazine.com Read the original article: Destructive Attacks on Financial Institutions Surge 13%

Read more →

DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks This article has been indexed from www.infosecurity-magazine.com Read the original article: DaggerFly-Linked Linux Malware Targets Network Appliances

Read more →

Picus Security reports infostealer surge after revealing credentials appear in 29% of malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Threefold Increase in Malware Targeting Credential Stores

Read more →