Category: www.infosecurity-magazine.com

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling, CTSI Claims

Read more →

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling – Non-Profit

Read more →

A new scam detection tool from Get Safe Online uses AI to help individuals and small businesses protect themselves This article has been indexed from www.infosecurity-magazine.com Read the original article: Get Safe Online Launches New Scam Detector

Read more →

Infosecurity recently joined an Immersive Labs Cyber Drill to experience how organizations can enhance their preparedness through training and simulations This article has been indexed from www.infosecurity-magazine.com Read the original article: How Confidence Between Teams Impacts Cyber Incident Outcomes

Read more →

Cisco Talos has observed the financially motivated threat actor targeting organizations globally with a MedusaLocker ransomware variant called “BabyLockerKZ” This article has been indexed from www.infosecurity-magazine.com Read the original article: New MedusaLocker Ransomware Variant Deployed by Threat Actor

Read more →

A UK court has fined Sellafield Ltd £332,500 for cybersecurity failings related to the running of the Sellafield nuclear facility This article has been indexed from www.infosecurity-magazine.com Read the original article: Sellafield Fined for Cybersecurity Failures at Nuclear Site

Read more →

The Counter Ransomware Initiative has released new guidance discouraging organizations from making ransomware payments This article has been indexed from www.infosecurity-magazine.com Read the original article: CRI Releases Guidance on Avoiding Ransomware Payments

Read more →

The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations This article has been indexed from www.infosecurity-magazine.com Read the original article: Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now

Read more →

Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft and US Government Disrupt Russian Star Blizzard Operations

Read more →

China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration This article has been indexed from www.infosecurity-magazine.com Read the original article: CeranaKeeper Emerges as New Threat to Thai Government Networks

Read more →

A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Spending on the…

Read more →

The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: Northern Ireland Police Data…

Read more →

Researchers see an uptick in crypto-doubling investment scams following the first presidential debate This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto-Doubling Scams Surge Following Presidential Debate

Read more →

Egress found that attackers are becoming more adept at bypassing email security, such as using compromised accounts and the use of commodity campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Email Phishing Attacks Surge as Attackers…

Read more →

Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: FIN7 Gang Hides Malware in AI “Deepnude” Sites

Read more →

The ACSC, in collaboration with CISA and international partners, has released a guide for securing operational technology in critical sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: ACSC and CISA Launch Critical OT Cybersecurity Guidelines

Read more →

North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment This article has been indexed from www.infosecurity-magazine.com Read the original article: Stonefly Group Targets US Firms With New Malware Tools

Read more →

A Black Kite report found that 67% of manufacturing firms have at least one vulnerability from CISA’s Known Exploited Vulnerabilities (KEV) catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: 80% of Manufacturing Firms Have Critical Vulnerabilities

Read more →

Meta has announced a new information-sharing partnership with UK financial institutions to target social media fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Teams Up with Banks to Target Fraudsters

Read more →

Socura finds the percentage of women in cybersecurity positions has fallen seven percentage points since 2021 to 17% This article has been indexed from www.infosecurity-magazine.com Read the original article: Share of Women in UK Cyber Roles Now Just 17%

Read more →

UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: British Hacker Charged in the US For $3.75m Insider Trading…

Read more →

UMC in Lubbock, Texas, confirmed a ransomware attack last week, disrupting patient care and IT systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Forces UMC to Divert Emergency Patients

Read more →

The UK has sanctioned 16 members of the notorious Russian hacking group Evil Corp, exposing their links to the prolific LockBit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: Evil Corp’s LockBit Ties Exposed in…

Read more →

T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: T-Mobile to Pay…

Read more →

New Santander research claims 10 million UK consumers have suffered fraud since 2021, costing the economy £16bn This article has been indexed from www.infosecurity-magazine.com Read the original article: Ten Million Brits Hit By Fraud in Just Three Years

Read more →

New ISACA research reveals most cybersecurity teams are suffering from staffing and funding shortages This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA: European Security Teams Are Understaffed and Underfunded

Read more →

The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Read more →

The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical RCE Vulnerabilities Found in Common Unix Printing System

Read more →

A Deloitte and NASCIO survey found that a third of state CISOs do not have a dedicated cybersecurity budget This article has been indexed from www.infosecurity-magazine.com Read the original article: US State CISOs Struggling with Insufficient Cybersecurity Funding

Read more →

A survey by Ofqual found that 20% of English schools and colleges were unable to immediately recover after being hit by a cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attacks Hit Over a Third…

Read more →

PwC claims fewer than 50% of businesses involve their CISOs in strategic planning on cyber This article has been indexed from www.infosecurity-magazine.com Read the original article: PwC Urges Boards to Give CISOs a Seat at the Table

Read more →

Security agencies from the UK and US are urging individuals with Middle East links to beware of Iranian spear phishing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and US Warn of Growing Iranian Spear…

Read more →

Ireland’s Data Protection Commission fines Meta Platforms €91 million for mishandling user passwords and GDPR violations This article has been indexed from www.infosecurity-magazine.com Read the original article: Ireland’s DPC Hits Meta with €91 Million Penalty for GDPR Violation

Read more →

The US, UK, EU and other global partners have called for a global approach to strengthening the security of global communications and data This article has been indexed from www.infosecurity-magazine.com Read the original article: Governments Urge Improved Security and Resilience…

Read more →

The US has sanctioned Cryptex, PM2BTC and a Russian national for processing hundreds of millions of dollars derived from cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

Read more →

The suspect is an employee of Global Reach Technology, which provides some Wi-Fi services to Network Rail This article has been indexed from www.infosecurity-magazine.com Read the original article: Man Arrested Over UK Railway Station Wi-Fi Hack

Read more →

Russian cyber-attacks on Ukrainian servicemen underscore the escalating use of digital warfare tactics in the ongoing conflict This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Read more →

The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Breach at MC2 Data Leaves 100 Million at Risk of…

Read more →

A CybSafe survey found that 52% of workers have not yet received any training on safe AI use This article has been indexed from www.infosecurity-magazine.com Read the original article: Over a Third of Employees Secretly Sharing Work Info with AI

Read more →

The institute no longer requires regular password changes unless the authenticator has been compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines

Read more →

Researchers discover mobile crypto drainer malware hidden in WalletConnect app garnering 10,000 downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: First Mobile Crypto Drainer Found on Google Play

Read more →

Bitdefender is warning League of Legends fans not to fall for a phishing campaign designed to spread Lumma Stealer malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Hide Infostealer in League of Legends ‘Download’

Read more →

82% of all phishing sites target mobile devices, with 76% using HTTPS to appear secure This article has been indexed from www.infosecurity-magazine.com Read the original article: 82% of Phishing Sites Now Target Mobile Devices

Read more →

House GOP unveiled a bill to combat Chinese cyber threats to US infrastructure, led by CISA and FBI This article has been indexed from www.infosecurity-magazine.com Read the original article: US House Bill Addresses Growing Threat of Chinese Cyber Actors

Read more →

Some 3191 email addresses for congressional staff are available on the dark web This article has been indexed from www.infosecurity-magazine.com Read the original article: Thousands of US Congress Emails Exposed to Takeover

Read more →

Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty software update This article has been indexed from www.infosecurity-magazine.com Read the original article: CrowdStrike Apologizes for IT Outage, Defends Microsoft…

Read more →

CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Ivanti Authentication Bypass Bug Exploited in Wild

Read more →

Arkansas City’s water treatment facility faced a cyber incident on Sunday and has since switched to manual operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Incident Affects Arkansas City Water Treatment Facility

Read more →

Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Shift to JavaScript-Based Phishing Attacks

Read more →

Cybercriminals have been observed disguising Octo2 as legitimate apps like Google Chrome and NordVPN This article has been indexed from www.infosecurity-magazine.com Read the original article: New Octo2 Malware Variant Threatens Mobile Banking Security

Read more →

SonicWall found that data breaches caused by malware attacks on US healthcare organizations have affected 14 million people so far in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: 14 Million Patients Impacted by US Healthcare…

Read more →

The US Commerce Department wants to prohibit the sale or import of connected vehicles with Russian or Chinese-made hardware and software This article has been indexed from www.infosecurity-magazine.com Read the original article: US Mulls Ban on Russian, Chinese Parts in…

Read more →

Cybersecurity leaders should prioritize response and recovery over prevention to effectively navigate the ever-evolving threat landscape, according to Gartner analysts This article has been indexed from www.infosecurity-magazine.com Read the original article: #GartnerSEC: Zero Failure Tolerance, A Cybersecurity Myth Holding Back…

Read more →

A new Europol report argues that AI tools could revolutionize policing across the region This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol: GenAI Offers “Treasure Trove of Possibilities”

Read more →

Pavel Durov says he will share details of “bad actors” and clean up Telegram’s search function This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Boss Agrees to Closer Police Cooperation

Read more →

Kryptina, a free Ransomware-as-a-Service tool available on dark web forums, is now being used by Mallox ransomware affiliates This article has been indexed from www.infosecurity-magazine.com Read the original article: Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Read more →

The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerabilities Found in Popular Houzez Theme and Plugin

Read more →

An overall rise in cyber incidents coming from Russian-aligned adversaries in 2024 was accompanied by a decrease in high and critical-severity incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Cyber-Attacks Home in on Ukraine’s Military…

Read more →

The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: LinkedIn Pauses GenAI Training Following ICO Concerns

Read more →

Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter 47 Criminal Crypto Exchanges

Read more →

In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience This article has been indexed from www.infosecurity-magazine.com Read the original article: US Cyberspace Solarium Commission Outlines Ten…

Read more →

A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Skills Gap…

Read more →

The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold This article has been indexed from www.infosecurity-magazine.com Read the original article: Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions

Read more →

Infostealer malware and digital identity exposure behind rise in ransomware, researchers find This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data

Read more →

Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group This article has been indexed from www.infosecurity-magazine.com Read the original article: Western Agencies Warn Risk from Chinese-Controlled…

Read more →

A Manchester law firm has filed a lawsuit against outsourcing giant Capita, representing nearly 8000 claimants who were affected by a cyber-attack in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 8000 Claimants Sue Outsourcing Giant…

Read more →

US Schools and libraries have until November 1, 2024 to enrol for a three-year program during which participants will receive discounts on eligible cybersecurity services and equipment This article has been indexed from www.infosecurity-magazine.com Read the original article: FCC $200m…

Read more →

Group-IB claims to have found evidence of a new TeamTNT cryptojacking campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Cryptojacking Gang TeamTNT Makes a Comeback

Read more →

Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually This article has been indexed from www.infosecurity-magazine.com Read the original article: Insecure APIs and Bot Attacks Cost Global Firms $186bn

Read more →

Critical infrastructure security undermined by weakness in email protection, researchers warn This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Infrastructure at Risk From Email Security Breaches

Read more →

Attackers use Google Street View images to put pressure on victims of “sextortion” scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Street View Images Used For Extortion Scams

Read more →

The suspected creator of Ghost, an encrypted communication platform allegedly used by organized crime groups worldwide, has been arrested This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Taskforce Disrupts Global Criminal Network Through Supply Chain Attack

Read more →

Telco giant AT&T will pay the FCC $13m to resolve a cloud breach investigation This article has been indexed from www.infosecurity-magazine.com Read the original article: AT&T Agrees $13m FCC Settlement Over Cloud Data Breach

Read more →

The US Cybersecurity and Infrastructure Security Agency is trying to eradicate cross-site scripting vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Advice to Help Eliminate XSS Bugs

Read more →

CISA project will align cybersecurity polices across the Federal Civilian Executive Branch of US government This article has been indexed from www.infosecurity-magazine.com Read the original article: US Looks to Align Security Across Government

Read more →

Online gambling site, Sky Betting and Gaming, found to have “unlawfully” processed data through advertising cookies This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Acts Against Sky Betting and Gaming Over Cookies

Read more →

83% of organizations use AI to generate code despite rising concerns from security leaders, found a Venafi survey This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Cyber Leaders Fear AI-Generated Code Will Increase Security Risks

Read more →

The CyberBoost: Catalyse is supported by the Cyber Security Agency of Singapore, the National University of Singapore and UK-based innovation hub Plexal This article has been indexed from www.infosecurity-magazine.com Read the original article: Singapore Launches Accelerator for International Cybersecurity Startups

Read more →

The US Treasury has issued more sanctions against directors of notorious spyware developer Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Ramps Up Sanctions on Spyware-Maker Intellexa

Read more →

Cohesity claims ransomware attacks are on the rise in the UK, with 59% of breached firms paying their extortionists This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of Breached UK Firms Pay Ransom

Read more →

A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration testing and incident management are even more scarce This article has been indexed from www.infosecurity-magazine.com Read the original article: Half…

Read more →

White House issues new voluntary commitments to combat image-based sexual abuse in AI This article has been indexed from www.infosecurity-magazine.com Read the original article: White House to Tackle AI-Generated Sexual Abuse Images

Read more →

SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter) This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced Phishing Attacks Put X Accounts at Risk

Read more →

Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could be revealed to other spyware vendors This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple to Drop…

Read more →

Meta has unpaused a project to train AI on Facebook and Instagram posts, despite privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Goes Ahead With Controversial AI Training in UK

Read more →

Under-fire DNA testing firm 23andMe will pay $30m to settle class action lawsuit This article has been indexed from www.infosecurity-magazine.com Read the original article: 23andMe Agrees to $30m Data Breach Settlement

Read more →

Nations participating in the event include the US, Canada, EU countries, India, Japan, Singapore, Ghana and Oman This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Hosts International Cyber Skills Conference

Read more →

An FBI and CISA alert highlighted false claims of breaches of voter registration databases, designed to undermine confidence in US elections This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Actors Spreading False US Voter Registration Breach…

Read more →

Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet This article has been indexed from www.infosecurity-magazine.com Read the original article: Record $65m Settlement for Hacked Patient…

Read more →

Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Vows to Prevent Future CrowdStrike-Like Outages

Read more →

Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: Irish Data Protection Regulator to Investigate Google AI

Read more →

TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people This article has been indexed from www.infosecurity-magazine.com Read the original article: TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

Read more →

Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs This article has been indexed from www.infosecurity-magazine.com Read the original article: Schools Face Million-Dollar Bills as Ransomware Rises

Read more →

Mastercard aims to strengthen its cybersecurity capabilities by acquiring Recorded Future, a leading provider of threat intelligence This article has been indexed from www.infosecurity-magazine.com Read the original article: Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn

Read more →

Lazarus Group has been observed impersonating Capital One staff to lure developers into downloading malware on open source repositories This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Developers in Fresh VMConnect Campaign

Read more →

The UK government has classified data centers as critical infrastructure in a move to protect UK data from cyber-attacks and prevent major IT blackouts This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Recognizes Data Centers as…

Read more →

New FBI data reveals BEC scams have cost businesses more than $55bn since 2013 This article has been indexed from www.infosecurity-magazine.com Read the original article: Business Email Compromise Costs $55bn Over a Decade

Read more →

Endor Labs claims security patches can break underlying open source software 75% of the time This article has been indexed from www.infosecurity-magazine.com Read the original article: Open Source Updates Have 75% Chance of Breaking Apps

Read more →

Excessive use of remote access tools is leaving operational technology devices vulnerable, with even basic security features missing This article has been indexed from www.infosecurity-magazine.com Read the original article: Operational Technology Leaves Itself Open to Cyber-Attack

Read more →

As the US presidential election draws near, polling company Gallup acts to block XSS vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Gallup: Pollster Acts to Close Down Security Threat

Read more →