Category: http://www.infosecurity-magazine.com/rss/news/76/application-security/

The new backdoor is being used by Earth Lusca to conduct cyber-espionage campaigns, primarily against governments in Asia and the Balkans This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Group Exploiting Linux Backdoor to Target Governments

Read more →

FBI director Christopher Wray said that partnerships with the private sector have changed the FBI’s approach to fighting cybercrime This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #mWISE: FBI Director Urges Greater Private-Public Collaboration Against Cybercrime

Read more →

Database compromise dates back to March 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actor Claims Major TransUnion Data Breach

Read more →

Database compromise dates back to March 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actor Claims Major TransUnion Customer Data Breach

Read more →

US manufacturer can’t say when operations will return to normal This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Clorox Struggling to Recover From August Cyber-Attack

Read more →

An overly permissive Shared Access Signature (SAS) token was to blame This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft AI Researchers Leak 38TB of Private Data

Read more →

Sophos researchers highlight a highly sophisticated operation utilizing fake trading pools of cryptocurrency from DeFi trading applications This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fraudsters Steal Over $1m in Three Weeks Through ‘Pig Butchering’ Crypto Scam

Read more →

Around 25,000 global victims will receive full compensation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Another $40m Dispersed to Western Union Fraud Victims

Read more →

Global cops support Spanish investigation into massive fraud This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Illegal Betting Ring Used Satellite Tech to Get Scoop on Results

Read more →

Chinese social media giant broke GDPR several times over This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TikTok Fined $368m For Child Data Privacy Offenses

Read more →

Palo Alto Networks found that over 45% of organizations’ high-risk exposures in the cloud were due to cloud providers introducing new services This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud to Blame for Almost all Security…

Read more →

The report says China is likely to launch destructive cyber-attacks against the US Homeland in the event of a military conflict This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China’s Malicious Cyber Activity Informing War Preparations, Pentagon…

Read more →

Incident exposed personal information at 3200 vendors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pirated Software Likely Cause of Airbus Breach

Read more →

APT33 activity resulted in data theft from small number of victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Iranian Threat Group Hits Thousands With Password Spray Campaign

Read more →

Attackers compromised loyalty program data via supplier This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Caesars Entertainment Reveals Major Ransomware Breach

Read more →

Officers working undercover or in sensitive roles like intelligence could be exposed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Manchester Police Officers’ Data Breached in Third-Party Attack

Read more →

A new court filing from the US Department of Justice suggests the billionaire “may have jeopardized data privacy and security” at Twitter, now known as X This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Elon Musk in…

Read more →

North Korean actors have become prolific crypto-thieves This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Blamed For $53m Heist at CoinEx

Read more →

Symantec says it was used in a failed LockBit attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Wake-Up Call as 3AM Ransomware Variant Is Discovered

Read more →

But IBM warns credential compromise is number one initial access vector This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud Vulnerabilities Surge 200% in a Year

Read more →

The new campaign is believed to be perpetrated by Storm-0324, which distributes the payloads of other attackers after achieving initial network compromise This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Microsoft Teams Phishing Campaign Targets Corporate…

Read more →

The malware researchers’ collective Vx-underground claimed that ALPHV/BlackCat was behind the attack against the casino giant This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MGM Criticized for Repeated Security Failures

Read more →

The parliamentary inquiry heard there are “particular shortages” of cybersecurity experts in the civil service, with pay restraints a major factor This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chilling Lack of Cyber Experts in UK Government,…

Read more →

Microsoft announces updates for around 60 CVEs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Fixes Two Zero-Day Bugs Used in Attacks

Read more →

New roadmap will cover Fiscal Year 2024-26 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Publishes Plan to Enhance Open Source Security

Read more →

Data protection regulator and security agency sign MoU This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK ICO and NCSC Set to Share Anonymized Threat Intelligence

Read more →

According to Fortinet security expert Cara Lin, the attack begins with a phishing email This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Windows Systems Targeted in Multi-Stage Malware Attack

Read more →

SlashNext research shows that most of these tools connect to jailbroken versions of public chatbots This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-criminals “Jailbreak” AI Chatbots For Malicious Ends

Read more →

The incident disrupted key company services, impacting website, bookings and in-casino functions This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MGM Resorts Hit By Cyber-Attack, Systems Down

Read more →

The report highlights the complex supply chain involved in ransomware attacks, requiring a more holistic approach to be taken by governments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fighting Individual Ransomware Strains Fruitless, UK Agencies Suggest

Read more →

Symantec warns of mounting threat to critical infrastructure This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Redfly Group Compromises National Power Grid

Read more →

Federal agencies have one month to fix BlastPass vulnerabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Government Ordered to Urgently Patch Apple Zero-Day Bugs

Read more →

Policing group releases first ever report on the topic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Europol: Financial Crime Makes “Billions” and Impacts “Millions”

Read more →

Kaspersky found suspicious files in December 2022 which activated the komar65 library known as BUGHATCH This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cuba Ransomware Group Unleashes Undetectable Malware

Read more →

ESET explained the impact of the supply chain attack translated to a 16.8% increase in Trojan detections This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Targets macOS in Supply Chain Assault

Read more →

Beavers emphasized ongoing modernization initiatives for IT architecture and user experience This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pentagon Urges Collaboration in Cyber Defense

Read more →

The report found that many boards struggle to challenge what they hear about cybersecurity from their organization’s CISO This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Board Members Struggling to Understand Cyber Risks

Read more →

The government’s email system has suffered from a massive ransomware attack in August This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data

Read more →

Maidstone’s St Augustine Academy is latest victim This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IT Systems Encrypted After UK School Hit By Ransomware

Read more →

Victims were targeted by follow-on phishing attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: AP Stylebook Breach May Have Hit Hundreds of Journalists

Read more →

Researchers warn of spyware hidden in legitimate-looking apps This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Evil Telegram Mods Removed From Google Play

Read more →

The findings come from a new report released by Microsoft Threat Analysis Center on Thursday This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China Unleashes AI-Powered Image Generation For Influence Operations

Read more →

Cisco Talos reported that the campaign has been active since at least November 2021 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-criminals Exploit GPUs in Graphic Design Software

Read more →

The team has discovered the exploitation of at least one zero-day flaw in the last few weeks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google TAG Exposes North Korean Campaign Targeting Researchers

Read more →

Vladislav Klyushin hacked into US filing agents to discover non-public information about hundreds of companies on the US stock exchange This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Man Handed Nine-Year Sentence for Hacking Scheme

Read more →

Apache flaw can enable remote command execution This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Adds Critical RocketMQ Bug to Must-Patch List

Read more →

ICO reveals over half of women are worried about their data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Regulator to Investigate Fertility App Security Concerns

Read more →

Apache flaw can enable remote command execution This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Adds Critical RocketMQ Bug to Must-Patch List

Read more →

Users of iOS devices urged to enable lockdown mode This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Apple Patches Two Zero-Days Exploited in Pegasus Attacks

Read more →

The Traceable report is based on insights from 1629 cybersecurity experts across the US, UK and EU This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: API Vulnerabilities: 74% of Organizations Report Multiple Breaches

Read more →

Akamai found domain shifts of 50 days from expected dates, suggesting hacker-driven confusion This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: DGA Behavior Shifts Raise Cybersecurity Concerns

Read more →

The exploit code, shared by a researcher on Reddit, demonstrates the issue This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Zero-Day Flaw Exposes Atlas VPN User IPs

Read more →

These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK and US Sanction 11 Russians Tied to…

Read more →

The attackers may have accessed sensitive patient information, such as health insurance and medication details This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary

Read more →

The threat actor used the stolen key to breach 25 organizations, including US government agencies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hacker Steals Microsoft Signing Key, Spies on US Government

Read more →

Progressive Britain wants the party to borrow from US security strategy This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Think Tank Urges Labour to Promote “Securonomics” Agenda

Read more →

Users are first targeted by Facebook adverts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign

Read more →

Statement to Lords heralds delay to on-device message scanning This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Government Backs Down on Anti-Encryption Stance

Read more →

The open source tool will enable cyber teams to consistently test and boost the defenses of ICS environments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MITRE and CISA Release OT Attack Emulation Tool

Read more →

The attack has been carried out using legitimate services and standard software functions, CERT-UA observed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

Read more →

The unpatched bug in PHPFusion could result in the theft of sensitive data, Synopsys researchers warn This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: High-Severity Vulnerability Discovered in Popular CMS

Read more →

The attack has been carried out using legitimate services and standard software functions, CERT-UA observed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russia-Backed APT28 Tried to Attack Ukrainian Critical Power Facility

Read more →

Their global peers feel the opposite, according to Proofpoint study This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Boards Are Growing Less Concerned About Cyber-Risk

Read more →

Secretive group targets specifically Microsoft 365 accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Uncover Underground Phishing “Empire” W3LL

Read more →

Hot wallets were compromised at firm This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto Casino Stake.com Back Online After $40m Heist

Read more →

SAML flaw in enabled rogue customers to access others’ SaaS data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Mend.io SAML Vulnerability Exposed

Read more →

Auditors cited outdated software and unsupported iPhones as key reasons for the failed test This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Electoral Commission Fails Cybersecurity Test Amid Data Breach

Read more →

Group-IB said 2022 saw 30% more loyalty fraud, impacting 75+ airlines and involving 2000 malicious sources This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Airlines Battle Surge in Loyalty Program Fraud

Read more →

Highgate Wood School forced to delay new term for six days This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: More Schools Hit By Cyber-Attacks Before Term Begins

Read more →

Industry veteran Ollie Whitehouse is confirmed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK National Cyber Security Centre Gets a New CTO

Read more →

Non-profit urges all users to reset passwords This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Freecycle Breach May Have Hit Millions of Users

Read more →

ReversingLabs uncovered three additional malevolent packages believed to be part of the campaign This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Python Package Index Targeted Again By VMConnect

Read more →

JPCERT/CC said it can elude detection by embedding a malicious Word file within a PDF document This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Attack Technique “MalDoc in PDF” Alarms Experts

Read more →

According to CloudSEK, the leaked database contains over 320,000 patient records This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Medical Data Breach: Ayush Jharkhand Hacked

Read more →

Zaun, the UK’s only manufacturer of fencing systems, saw its IT systems being compromised in early August This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sensitive Data about UK Military Sites Potentially Leaked by LockBit

Read more →

Blast radius appears limited to international students This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sydney University Suffers Supply Chain Breach

Read more →

The Brittingham Group promised outsized returns to victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four Convicted in $18m Investment Fraud Scheme

Read more →

Separate research warns of widespread email security failings This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Suffolk High School Forced Offline After Cyber-Attack

Read more →

Resecurity explained the “Smishing Triad” campaign exclusively utilizes iMessages This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Smishing Triad: China-Based Fraud Network Exposed

Read more →

Cisco Talos said SapphireStealer has evolved significantly, resulting in multiple variants This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Open-Source Malware SapphireStealer Expands

Read more →

Trend Micro noted that “Earth Estries” employed advanced tactics to infiltrate networks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sophisticated Cyber-Espionage Group Earth Estries Exposed

Read more →

Although the patches for these vulnerabilities have already been released, public attacks are still occurring This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Adobe ColdFusion Critical Vulnerabilities Exploited Despite Patches

Read more →

Jamf suggested firms enroll employees in a BYOD or Mobile Device Management (MDM) program This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BYOD Security Gap: Survey Finds 49% of European Firms Unprotected

Read more →

Slashnext unveiled a disturbing arsenal of stealers, cookies and exploits This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Research Exposes Airbnb as Breeding Ground For Cybercrime

Read more →

These groups often sell ads to other cybercriminals, either for a fee or a share of the operations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Facebook Accounts Targeted by Vietnamese Threat Groups

Read more →

Infamous Chisel, which enables unauthorized access to compromised Android devices used by the Ukrainian military, has been linked to Sandworm This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military…

Read more →

The Gamaredon group has ramped up attacks against Ukrainian military entities, with the aim of hindering Ukraine’s counter-offensive operations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-Offensive

Read more →

The vulnerable code was identified by the security research team at PatchStack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Flaw Exposes WP Migration Plugin to Hacks

Read more →

ESET said BadBazaar was available via the Google Play Store, Samsung Galaxy Store and various app sites This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese APT Group GREF Use BadBazaar in Android Espionage

Read more →

The campaign deployed many malware families, including Skipjack, DepthCharge, Foxglove and Foxtrot This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Hackers Target US, Other Govts With Barracuda Flaw

Read more →

With Operation Duck Hunt, the FBI took control of the botnet, allowed victims to uninstall the malware loader and seized $8.6m in cryptocurrency This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: FBI-Led Operation Duck Hunt Shuts Down…

Read more →

OpenAI has launched ChatGPT Enterprise highlighting high-profile customers including Klarna, PwC and The Estee Lauder Companies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: OpenAI Promises Enterprise-Grade Security with ChatGPT for Business

Read more →

The UK cyber agency highlights the lack of understanding of LLMs among industry and academia This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Issues Cyber Warning Over AI Chatbots

Read more →

Kaspersky explained that LockBit 3.0, also known as LockBit Black, first emerged in June 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LockBit 3.0 Ransomware Variants Surge Post Builder Leak

Read more →

Sophos X-Ops suspects the involvement of a well-known ransomware threat actor known as STAC4663 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Ransomware Campaign Targets Citrix NetScaler Flaw

Read more →

Delinea’s report shows gap grows as firms struggle for cyber insurance, longer policy wait times This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Report Reveals Growing Disparity in Cyber Insurance Landscape

Read more →

Existing phishing-as-a-service platforms are increasingly incorporating adversary-in-the-middle capabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms

Read more →

ReliaQuest found that 80% of cyber intrusion campaigns used either QakBot, SocGholish or Raspberry Robin This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four in Five Cyber-Attacks Powered by Just Three Malware Loaders

Read more →

Nearly one in three young adults has had their personal information misused This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Privacy Regulator Warns of Surge in “Text Pest” Cases

Read more →

Vulnerability could be exploited to gain elevated privileges This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Discover Reply URL Takeover Issue in Azure

Read more →