Category: http://www.infosecurity-magazine.com/rss/news/76/application-security/

Study also finds LLMs are poor at detecting malicious code This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Half of AI Open Source Projects Reference Buggy Packages

Read more →

UK’s critical infrastructure sector concerned over expanding attack surface This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CNI Firms: Climate Tech is Increasing Cyber Risk

Read more →

Cosmetics giant confirms data was taken This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Estee Lauder Breached by Two Ransomware Groups

Read more →

Lookout attributed WyrmSpy and DragonEgg to APT41 due to overlapping Android signing certificates This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese APT41 Linked to WyrmSpy and DragonEgg Surveillanceware

Read more →

The Salt Security report also notes a 244% surge in unique attackers between H1 and H2 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Critical API Security Gaps Found in Financial Services

Read more →

The Cyber Threat Intelligence Summit discussed how automation and generative AI could help CTI practitioners tackle the overload of data they have to process This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: How Cyber Threat Intelligence Practitioners…

Read more →

The criteria for certification are set to be based on cybersecurity guidelines published by NIST This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Biden-Harris Administration Unveils Smart Device Cyber Program

Read more →

A letter authored by industry experts says that CISA should include specific details on how to implement security-by-design through threat modeling This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Industry Experts Urge CISA to Update Secure by…

Read more →

Threat actors exploit high cost of living This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scam Job Offers Target Uni Students

Read more →

Crime agency chief warns of surging online threat This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCA: Nation States Using Cybercrime Groups as Proxies

Read more →

Employees forced to work from home after IT outage This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Norwegian Giant Tomra Suffers “Extensive” Attack

Read more →

Rapid7 has observed that some vulnerabilities in Adobe ColdFusion were still being exploited several days after the patches were published This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Vulnerabilities Found in Adobe ColdFusion

Read more →

It mentions the CSET, SCuBAGear, Untitled Goose Tool, Decider and Memory Forensic on Cloud This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Unveils Guide to Aid Firms Transition to Cloud Security

Read more →

The web injects allow cyber-criminals to manipulate legitimate web pages’ content in real time This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: drIBAN Fraud Operations Target Corporate Banking Customers

Read more →

The attack vector was identified as data injection into the firm’s commands framework This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: JumpCloud Confirms Data Breach By Nation-State Actor

Read more →

Ukrainian said to have caused victim losses of $70m This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Suspected Scareware Fraudster Arrested After Decade on the Run

Read more →

Wordfence claims over 157,000 sites have been hit so far This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: WooCommerce Bug Exploited in Targeted WordPress Attacks

Read more →

Hertfordshire man pleaded guilty in May This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IT Security Pro Jailed for Attempted Extortion

Read more →

The guilty plea also covered a separate count of possession of child pornography This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BreachForums Admin Pleads Guilty to Hacking Charges

Read more →

The group utilize malware like GAMMASTEEL to rapidly exfiltrate files within 30-50 minutes This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ukraine’s CERT-UA Exposes Gamaredon’s Rapid Data Theft Methods

Read more →

eSentire found the threat after detecting suspicious code in a manufacturing customer’s network This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting

Read more →

A discussion paper from the European Policy Centre sets out recommendations for an EU quantum cybersecurity agenda This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: EU Urged to Prepare for Quantum Cyber-Attacks

Read more →

Man accused of aiding the Kremlin with dual-use tech This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Charged with Tech Smuggling and Money Laundering

Read more →

NextGen Healthcare was accused of violating False Claims Act This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Health Tech Vendor to Pay $31m After Kickback Allegations

Read more →

Reports suggest personal debt behind Kemba Walden’s decision This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Acting White House Cyber Director Withdraws Nomination

Read more →

Security expert Daniel Kelley worked with the SlashNext team on the research This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks

Read more →

Cisco Talos said the malicious campaigns started in April 2022 and are currently ongoing This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Threat Actor Launches Cyber-attacks on Ukraine and Poland

Read more →

Fortinet suggests attackers are leveraging vulnerabilities like CVE-2021-40444 and CVE-2022-30190 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LokiBot Malware Targets Windows Users in Office Document Attacks

Read more →

Trend Micro found a backdoor previously exploited by various Chinese threat actors in a popular application used by Pakistan’s government agencies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese APT Favorite Backdoor Found in Pakistani Government…

Read more →

Security agency’s advice could help save time and money This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Shares Alternatives to Using a SOC

Read more →

The figure accounts for losses due to downtime alone This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Costs Financial Services $32bn in Five Years

Read more →

Prime Minister wants UK to be a global center of AI regulation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Financial Regulator Urges Banks to Tackle AI-Based Fraud

Read more →

FIRST has released details of version 4.0 of the standard, which aims to address criticisms of CVSS 3.1 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New CVSS Version Unveiled Amid Rising Cyber Threats

Read more →

Mandiant has observed that the same playbook has been used by various Russian threat actors since the breakout of war in Ukraine, making them likely to be part of a GRU-led deliberate strategy This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/…

Read more →

The plan details over 65 federal initiatives, each of which is assigned to a responsible agency This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: White House Publishes Plan to Implement US National Cybersecurity Strategy

Read more →

Latest quarterly figures show compromises at an all-time high This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US on Track For Record Number of Data Breaches

Read more →

Barracuda research lifts the lid on widespread threat activity This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fewer Than 100 Scammers Responsible For Global Email Extortion

Read more →

Threat actors forged authentication tokens to access email This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Threat Group Compromises US Government

Read more →

Unit 42 researchers believe a Russian threat group repurposed a legitimate flyer for a BMW car sent to embassies in Kyiv, Ukraine This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Diplomats in Ukraine Targeted by “Staggering” BMW…

Read more →

Bugcrowd’s report finds that many ethical hackers are utilizing generative AI in their work, but 72% argue it will never replace human creativity This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ethical Hackers Reveal How They Use…

Read more →

Banks and financial service providers have emerged as attractive targets for the most prominent ransomware groups This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Financial Industry Faces Soaring Ransomware Threat

Read more →

Chainalysis claims big-game hunting is back This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crypto Crime Down 62% but Ransomware Activity Surges

Read more →

Social media and messaging apps are main conduit This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scam Page Volumes Surge 304% Annually

Read more →

One of the bugs has been actively exploited in NATO attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Fixes Six Zero-Days This Patch Tuesday

Read more →

David Wallace, a senior threat intelligence analyst at Sophos, took a deep dive into Clop’s background and intrusion techniques This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Clop: Behind MOVEit Lies a Loud, Adaptable and Persistent Threat…

Read more →

HCA Healthcare said personal data of approximately 11 million patients was published on an online forum This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: 11 Million Patients Impacted in Healthcare Data Breach

Read more →

The Commission’s announcement allows for the free flow of personal data between the two regions, but is likely to be challenged in the courts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: EU Adopts New US Data…

Read more →

Individual allegedly used phishing website to harvest victim credentials This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Moroccan Charged With OpenSea NFT and Crypto Theft

Read more →

Individual accused of endangering health of Discovery Bay residents This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Man Charged With Remote Attack on Water Plant

Read more →

Online merchants plan to increase budgets and new hires This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: E-commerce Fraud Surges By Over 50% Annually

Read more →

ESET researchers suggested Asylum Ambuscade has been active since 2020 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Crimeware Group Asylum Ambuscade Ventures Into Cyber-Espionage

Read more →

The BlackBerry team suspects spear-phishing as the primary vector utilized by the RomCom group This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: RomCom Group Targets Ukraine Supporters Ahead of NATO Summit

Read more →

According to Resecurity, the trend poses challenges for online banking and payment systems This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Android OS Tools Fuel Cybercrime Spree, Prey on Digital Users

Read more →

Bank for International Settlements publishes Project Polaris This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Central Bankers Develop Framework For Securing Digital Currencies

Read more →

Money-saving expert has sued Meta before over fake ads This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Martin Lewis Shocked at Deepfake Investment Scam Ad

Read more →

Action Fraud figures also reveal increase in social media hacking This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber Extortion Cases Surge 39% Annually

Read more →

Each application sends the stolen data to China over a hundred times This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Spyware Discovered on Google Play Store

Read more →

Social media reports suggest an individual allegedly dumped approximately 500GB of animation files This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Twitter User Exposes Nickelodeon Data Leak

Read more →

ReversingLabs discovered more than a dozen malicious npm packages between May 11 and June 13 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Campaigns Use Malicious npm Packages to Support Phishing Kits

Read more →

The report revealed that patient data is the most targeted asset by ransomware actors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ENISA: Ransomware Makes Up Over Half of Healthcare Cyber-Threats

Read more →

The joint advisory reveals that threat actors are leveraging new techniques to deliver the botnet This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US and Canadian Authorities Warn of Increased Truebot Activity

Read more →

The banking giant is trialling the QKD-secured network as it seeks to future-proof its global operations against quantum-enabled cyber-threats This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: HSBC Joins Quantum-Secure Network

Read more →

To assist customers in the process, JumpCloud provided a guide for resetting affected API keys This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ongoing Incident Prompts JumpCloud to Reset API Keys

Read more →

The vulnerability affects Cisco Nexus 9000 Series Fabric Switches This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cisco Enterprise Switch Flaw Exposes Encrypted Traffic

Read more →

VulnCheck exposed the flaws, following a Palo Alto Networks’ Unit 42 publication This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Unpatched SolarView Systems Vulnerable to Exploits

Read more →

The report also found a significant rise in sensitive data being stored in the cloud and a continued surge in multicloud adoption This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Human Error the Leading Cause of Cloud…

Read more →

Infrastructure being built to support new cloud-native campaign This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Experts Warn of Impending TeamTNT Docker Attacks

Read more →

Individual is thought to be key figure in $30m gang This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Police Arrest Suspected OPERAE1R Cybercrime Kingpin

Read more →

GCHQ offshoot trumpets “whole-of-society” approach This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Suspicious Email Reports Up a Third as NCSC Hails Active Defense

Read more →

Container import and export operations via trailer transportation have been temporarily halted This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Nagoya Port Faces Disruption After Ransomware Attack

Read more →

One of them, CVE-2023-37201, involved a use-after-free issue in WebRTC certificate generation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: High-Severity Flaws Fixed in Firefox 115 Update

Read more →

Discovered by Kaspersky, the campaign delivered 85,000 scam emails during the spring of 2023 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sophisticated Email Attacks Target Cryptocurrency Wallets

Read more →

In a survey, over half of UK citizens expressed privacy and security concerns over AI being used to analyze patient data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Citizens Wary of NHS AI Use, Citing…

Read more →

Rules will streamline cooperation between data protection authorities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: European Commission to Tweak GDPR For Cross-Border Cases

Read more →

Python script could minimize risk until a formal solution is developed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Tool Helps Devs Check For Manifest Confusion Mismatches

Read more →

Open letter signed by 68 leading security and privacy researchers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Security Experts Raise Major Concerns With Online Safety Bill

Read more →

Kaspersky said European firms were most frequently affected, accounting for 25% of notifications This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Report Reveals Companies Unprepared For Darknet Data Leaks

Read more →

Bishop Fox said they have successfully developed an exploit for the vulnerability This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Over Two-Thirds of FortiGate Firewalls Still at Risk

Read more →

Neo_Net’s campaign mainly targeted Spanish and Chilean financial institutions This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Mexican Hacker Unleashes Android Malware on Global Banks

Read more →

A study by the SANS Institute and Trend Micro found major discrepancies between IT and OT asset visibility within organizations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: OT Assets High Priority for Security Leaders as Industrial…

Read more →

Most had data stolen, according to Emsisoft This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Thirty-three US Hospitals Hit By Ransomware This Year

Read more →

They allegedly helped to clean money stolen from the elderly and vulnerable This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Four Men Face 20 Years For Money Laundering Charges

Read more →

Russian-linked Anonymous Sudan claims to have stolen credentials This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Denies Major 30 Million Customer-Breach

Read more →

Around 61,000 addresses, accounting for 3% of total applications, were impacted during that period This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: USPTO’s API Flaw Leads to Years-Long Data Leak

Read more →

The attacks rely on novel delivery methods to deploy a variant of PlugX This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Threat Actors Target Europe in SmugX Campaign

Read more →

Uptycs discovered the new threat while monitoring dark web forums and Telegram channels This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Meduza Stealer Targets Windows Users With Advanced Tactics

Read more →

The giant chip manufacturer’s supplier, Kinmax, admits to an attack against its internal specific testing environment This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TSMC Targeted by LockBit via Supplier Breach

Read more →

ICO continues policy of not fining public sector organizations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Croydon Council Hit With Enforcement Notice For FOI Fail

Read more →

Elderly victims suffer losses in the millions of dollars This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: International Police Operation Dismantles Phone Scam Network

Read more →

Growing number of Twitter users voice disquiet This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Musk Losing Battle of Bad Bots as Rate Limits Begin

Read more →

The increasing rivalry between significant powers heavily influences the country’s security This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Switzerland’s Security Report: Impact of Russia–Ukraine Conflict

Read more →

MDSec ActiveBreach said the flaw affects versions 7.0 to 9.0 of the software This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Critical Flaw Exposes ArcServe Backup to Remote Code Execution

Read more →

VMware explained that 8Base employs a combination of encryption and “name-and-shame” tactics This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: 8Base Ransomware Group Emerges as Major Threat

Read more →

If confirmed, it could be the fourth-largest ransom demand of all time This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: LockBit Claims TSMC Hack, Demands $70m Ransom

Read more →

CWE Top 25 list is calculated from two years of vulnerability data This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MITRE Announces Most Dangerous Software Weaknesses

Read more →

Cyber-espionage incident occurred 20 years ago, says NCSC This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: GCHQ Reveals Details of State-Backed Breach

Read more →

E-commerce giant looks to improve customer trust in its marketplace This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Amazon Issues Lawsuits Targeting Fake Review Brokers

Read more →

The guidelines highlight three key threat scenarios and recommends mitigations for each This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NSA and CISA Release Guidelines to Secure CI/CD Environments

Read more →

It assesses information hackers could get from a victim program protected by an obfuscation scheme This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MIT Publishes Framework to Evaluate Cybersecurity Methods

Read more →

Volexity said the updated malware uses IPFS, public cloud hosting for decryption and configuration This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Charming Kitten’s PowerStar Malware Evolves with Advanced Techniques

Read more →