Category: www.infosecurity-magazine.com

GuidePoint Security has received reports of multiple organizations receiving ransom letters in the mail This article has been indexed from www.infosecurity-magazine.com Read the original article: Would-be Extortionists Send “BianLian” Ransom Notes in the Mail

Read more →

A cyber-espionage campaign targeting UAE aviation and transport has been identified by researchers, using customized lures to deploy Sosano malware This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cyber-Espionage Campaign Targets UAE Aviation and Transport

Read more →

Private 5G networks face security risks amid AI adoption and a lack of specialized expertise This article has been indexed from www.infosecurity-magazine.com Read the original article: Private 5G Networks Face Security Risks Amid AI Adoption

Read more →

Cloud software firm VMware has issued a critical security advisory, detailing three zero-day vulnerabilities being actively exploited in the wild This article has been indexed from www.infosecurity-magazine.com Read the original article: VMware Warns Customers to Patch Actively Exploited Zero-Day Vulnerabilities

Read more →

Nisos has found six personas leveraging new and existing GitHub accounts to get developer jobs in Japan and the US This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korean Fake IT Workers Leverage GitHub to Build…

Read more →

Fastly found that organizations have introduced changes such as increasing CISO participation in strategic decisions in response to growing personal liability risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISO Liability Risks Spur Policy Changes at…

Read more →

CISA has added five more CVEs into its known exploited vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Government to Patch Exploited Cisco, Microsoft Flaws

Read more →

Sumsub research finds European iGaming market is losing billions to fraud each year This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Online Gambling Firms Lose 10% of Revenue to Fraud

Read more →

Phishing attack exploits social engineering techniques alongside Microsoft Teams and remote access software to deploy BackConnect malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Leverage Microsoft Teams and Quick Assist for Access

Read more →

The US Cybersecurity and Infrastructure Security Agency confirmed it will keep defending against Russian cyber threats to US critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Denies Reports of Shift in Cybersecurity Posture Amid…

Read more →

A new phishing campaign has been identified using Havoc to control infected systems, leveraging SharePoint and Microsoft Graph API This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Campaign Uses Havoc Framework to Control Infected Systems

Read more →

Telecoms provider Vodafone has developed the new proof of concept with IBM, as it seeks to implement post-quantum cryptography ahead of anticipated quantum-based attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Vodafone Trials Quantum-Safe Tech to…

Read more →

The Information Commissioner’s Office is now investigating how TikTok uses 13–17-year-olds’ personal information This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Launches TikTok Investigation Over Use of Children’s Data

Read more →

Threat actors are exploiting a zero-day bug in Paragon Partition Manager’s BioNTdrv.sys driver during ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: BYOVD Attacks Exploit Zero-Day in Paragon Partition Manager

Read more →

Data from Resilience found that third-party attacks made up 23% of material cyber insurance claims in 2024, with ransomware attacks targeting vendors a major driver This article has been indexed from www.infosecurity-magazine.com Read the original article: Third-Party Attacks Drive Major…

Read more →

In February 2025, Sophos completed the Secureworks deal and SolarWinds went private This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity M&A Roundup: SolarWinds Acquired for $4.4bn

Read more →

Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report This article has been indexed from www.infosecurity-magazine.com Read the original article: Old Vulnerabilities…

Read more →

A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide This article has been indexed from www.infosecurity-magazine.com Read the original article: Prolific Data Extortion…

Read more →

DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Ransomware Hits Saudi Firm, 6TB Data Stolen

Read more →

Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn This article has been indexed from www.infosecurity-magazine.com Read the original article: Winos 4.0 Malware Targets Taiwan With Email Impersonation

Read more →

Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code This article has been indexed from www.infosecurity-magazine.com Read the original article: Software Vulnerabilities Take Almost Nine Months to Patch

Read more →

In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Cyber Espionage Jumps 150%, CrowdStrike Finds

Read more →

OpenSSF has released new baseline security best practices to improve open source software quality This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSF Publishes Security Framework for Open Source Software

Read more →

FBI confirms North Korea’s Lazarus Group responsible for Bybit crypto heist This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Confirms North Korea’s Lazarus Group as Bybit Crypto Hackers

Read more →

99% of organizations report API-related security issues, highlighting risks from API growth This article has been indexed from www.infosecurity-magazine.com Read the original article: 99% of Organizations Report API-Related Security Issues

Read more →

DISA Global Solutions confirms data breach affecting 3.3M people, exposing sensitive personal info This article has been indexed from www.infosecurity-magazine.com Read the original article: DISA Global Solutions Confirms Data Breach Affecting 3.3M People

Read more →

Meredith Whittaker, Signal’s CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law This article has been indexed from www.infosecurity-magazine.com Read the original article: Signal May Exit Sweden If Government…

Read more →

IVF clinic Genea has confirmed that stolen patient data has been published online, with the Termite ransomware group appearing to be the perpetrators This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gang Publishes Stolen Genea IVF…

Read more →

HaveIBeenPwned has added over 500 million new passwords and email addresses lifted via infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

Read more →

Europe is hit hard as geopolitics drives increase in state-backed APT and hacktivist activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Geopolitical Tension Fuels APT and Hacktivism Surge

Read more →

61% of hackers use new exploit code within 48 hours, ransomware remains top threat in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: 61% of Hackers Use New Exploit Code Within 48 Hours of Attack

Read more →

Ghostwriter cyber-attack targets Ukrainian, Belarusian opposition using weaponized Excel documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Ghostwriter Cyber-Attack Targets Ukrainian, Belarusian Opposition

Read more →

Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks

Read more →

ReliaQuest claims 80% of ransomware attacks now focus solely on exfiltrating data as it is faster This article has been indexed from www.infosecurity-magazine.com Read the original article: Only a Fifth of Ransomware Attacks Now Encrypt Data

Read more →

SecurityScorecard revealed that the large-scale password spraying campaign can bypass MFA and security access policies by utilizing Non-interactive sign-ins This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Botnet Bypasses MFA in Microsoft 365 Attacks

Read more →

New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Quarter of Brits Report Deepfake Phone Scams

Read more →

Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts This article has been indexed from www.infosecurity-magazine.com Read the original article: Essential Addons for Elementor XSS Vulnerability Discovered

Read more →

Michigan man indicted for dark web credential fraud, purchased 2,500 logins from Genesis Market This article has been indexed from www.infosecurity-magazine.com Read the original article: Michigan Man Indicted for Dark Web Credential Fraud

Read more →

Google Cloud’s Key Management Service now features quantum-safe digital signatures to strengthen data integrity and prepare for emerging quantum computing challenges This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Cloud Shields Data With Quantum-Resistant Digital Signatures

Read more →

Telstra found that 75% of cyber incidents impacting manufacturing firms originated from the targeting of IT systems connected to OT environments This article has been indexed from www.infosecurity-magazine.com Read the original article: IT/OT Convergence Fuels Manufacturing Cyber Incidents

Read more →

Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Slam Government After “Disastrous” Apple Encryption Move

Read more →

Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds This article has been indexed from www.infosecurity-magazine.com Read the original article: Bybit Offers $140m Bounty to Recover Funds After Mega Crypto-Heist

Read more →

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider This article has been indexed from www.infosecurity-magazine.com Read the original article: Salt Typhoon Exploited Cisco Devices With Custom…

Read more →

Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting This article has been indexed from www.infosecurity-magazine.com Read the original article: DoD Contractor Pays $11.2M over False Cyber Certifications Claims

Read more →

BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackBasta Ransomware Chatlogs Leaked Online

Read more →

Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols

Read more →

Fake job ads target freelance developers, spreading malware via GitHub This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Target Freelance Developers via GitHub

Read more →

Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Phishing Attacks Surge with 16% of Incidents…

Read more →

A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America This article has been indexed from www.infosecurity-magazine.com Read the original article: West Coast Cybersecurity Salaries Outshine Rest of Country

Read more →

Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 330 Million Credentials Compromised by Infostealers

Read more →

Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws

Read more →

CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn of Global Threat from Ghost Ransomware

Read more →

A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugin Vulnerability Exposes 90,000…

Read more →

Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: Finastra Notifies Customers of Data Breach

Read more →

Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian IVF Clinic Suffers Data Breach Following…

Read more →

The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead This article has been indexed from www.infosecurity-magazine.com Read the original article: Spies Eye AUKUS Nuclear Submarine Secrets, Australia’s Intelligence Chief Warns

Read more →

Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Investor Insight…

Read more →

Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian State Hackers Target Signal to Spy on Ukrainians

Read more →

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Hundreds of US Military and Defense Credentials Compromised

Read more →

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenSSH Flaws Expose Systems to Critical Attacks

Read more →

Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications This article has been indexed from www.infosecurity-magazine.com Read the original article: Mustang Panda Leverages Microsoft Tools to…

Read more →

A new Snake Keylogger variant, responsible for over 280 million blocked infection attempts worldwide, has been identified targeting Windows users This article has been indexed from www.infosecurity-magazine.com Read the original article: Evolving Snake Keylogger Variant Targets Windows Users

Read more →

The BlackLock or Eldorado ransomware gang could be the year’s fastest-growing ransomware-as-a-service group This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackLock On Track to Be 2025’s Most Prolific Ransomware Group

Read more →

Proofpoint also identified two new threat actors operating components of web inject campaigns, TA2726 and TA2727 This article has been indexed from www.infosecurity-magazine.com Read the original article: Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer

Read more →

A threat actor claims to have hacked and published data on 12 million Zacks Investment Research accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Zacks Investment Research Breach Hits 12 Million

Read more →

Pro-Russia hackers NoName057(16) has targeted Italian banks, airports and ports in a series of DDoS attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Pro-Russia Hackers NoName057(16) Hit Italian Banks and Airports

Read more →

Microsoft has observed a new variant of XCSSET, a sophisticated macOS malware that infects Xcode projects This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Detects New XCSSET MacOS Malware Variant

Read more →

South Korea’s Personal Information Protection Commission is blocking DeepSeek AI downloads over privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korea Suspends Downloads of AI Chatbot DeepSeek

Read more →

A Golang backdoor is using Telegram as its command and control (C2) channel, an approach that makes detection harder for defenders, according to Netskope researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Used as C2…

Read more →

Two Estonian nationals have pleaded guilty to running a cryptocurrency-related Ponzi scheme This article has been indexed from www.infosecurity-magazine.com Read the original article: Estonian Duo Plead Guilty to $577m Crypto Ponzi Scheme

Read more →

Vulnerabilities in firewalls from Palo Alto Networks and SonicWall are currently under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Palo Alto Networks and SonicWall Firewalls Under Attack

Read more →

Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing

Read more →

The organization becomes the AI Security Institute as the UK shifts its focus to tackling AI risks to national security This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s AI Safety Institute Rebrands Amid Government Strategy Shift

Read more →

Symantec found that tools previously only used by Chinese nation-state espionage actors were deployed in a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Espionage Tools Used in Recent Ransomware Attack

Read more →

US agencies have issued a new alert to eliminate buffer overflow vulnerabilities, urging memory-safe programming for secure-by-design software development This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA and FBI Warn Against Buffer Overflow Vulnerabilities

Read more →

Astaroth is an advanced phishing kit using real-time credential and session cookie capture to compromise Gmail, Yahoo and Office 365 accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Astaroth Phishing Kit Bypasses 2FA Using Reverse Proxy…

Read more →

Ahead of Valentine’s Day, Chainalysis figures reveal 40% increase in losses to pig butchering, or romance baiting, scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Baiting Losses Surge 40% Annually

Read more →

Microsoft found that Russian state actor Seashell Blizzard has deployed an initial access subgroup to gain persistent access in a range of high-value global targets This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Seashell Blizzard Enlists…

Read more →

The Electronic Frontier Foundation has requested a US federal court to block Elon Musk’s DOGE access to US Office of Personnel Management Data This article has been indexed from www.infosecurity-magazine.com Read the original article: EFF Leads Fight Against DOGE and…

Read more →

SecurityScorecard has uncovered a sophisticated campaign linked to North Korea’s Lazarus Group, distributing crypto-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Targets Crypto Devs Through NPM Packages

Read more →

Romance scams cost Americans $697.3m in 2024, with crypto fraud schemes on the rise This article has been indexed from www.infosecurity-magazine.com Read the original article: Romance Scams Cost Americans $697.3M Last Year

Read more →

NCSC CTO Ollie Whitehouse discussed a UK government-backed project designed to secure underlying computer hardware, preventing most vulnerabilities from occurring This article has been indexed from www.infosecurity-magazine.com Read the original article: CHERI Security Hardware Program Essential to UK Security, Says…

Read more →

Massive IoT data breach exposed 2.7 billion records including Wi-Fi credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Exclusive: Massive IoT Data Breach Exposes 2.7 Billion Records

Read more →

A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Detection Tech Failing,…

Read more →

The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: US, UK and Australia Sanction Russian Bulletproof Hoster Zservers

Read more →

February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Another Two Actively Exploited Zero-Days

Read more →

An Alabama man has admitted hacking into the US Security and Exchange Commission’s X account using SIM swap fraud to gain access This article has been indexed from www.infosecurity-magazine.com Read the original article: Alabama Hacker Admits Role in SEC X…

Read more →

Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Attack Volume and Magnitude Continues to…

Read more →

Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks This article has been indexed from www.infosecurity-magazine.com Read the original article: New Chinese Hacking Campaign Targets…

Read more →

Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks

Read more →

Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: 8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand

Read more →

Apple has patched a zero-day vulnerability being exploited in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

Read more →

Kela researchers explain that infostealers are to blame for compromised OpenAI logins This article has been indexed from www.infosecurity-magazine.com Read the original article: OpenAI Was Not Breached, Say Researchers

Read more →

Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects This article has been indexed from www.infosecurity-magazine.com Read the original article: BadIIS Malware Exploits IIS Servers for SEO Fraud

Read more →

A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies This article has been indexed from www.infosecurity-magazine.com Read the original article: US: Man Gets 20 Years for $37m Crypto Heist

Read more →

Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November This article has been indexed from www.infosecurity-magazine.com Read the original article: Georgia Hospital Alerts 120,000 Individuals of…

Read more →

The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Military Fast-Tracks Cybersecurity Recruitment

Read more →

Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Dismayed at UK’s Apple Decryption Demands

Read more →

Europol has urged the financial sector to prioritize quantum-safe cryptography This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns Financial Sector of “Imminent” Quantum Threat

Read more →

27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting This article has been indexed from www.infosecurity-magazine.com Read the original article: Most UK GDPR Enforcement Actions Targeted Public Sector in 2024

Read more →