Category: www.infosecurity-magazine.com

Trend Micro also revealed a connection between the Play ransomware group and the threat actor Prolific Puma This article has been indexed from www.infosecurity-magazine.com Read the original article: Play Ransomware Expands to Target VMWare ESXi Environments

Read more →

Europol also said that multi-layered extortion tactics in ransomware are becoming more common This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Groups Fragment Amid Rising Cybercrime Threats

Read more →

Cybercriminals have launched phishing campaigns purporting to support organizations impacted by the global IT outage, caused by a CrowdStrike Falcon issue This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit CrowdStrike Outage Chaos

Read more →

Two Russian nationals have pleaded guilty to charges relating to their participation in the LockBit ransomware gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Two Russians Convicted for Role in LockBit Attacks

Read more →

The SEC allegations against SolarWinds and its CISO over statements made after the 2020 ‘Sunburst’ hack were based on “hindsight and speculation,” said the judge This article has been indexed from www.infosecurity-magazine.com Read the original article: Sunburst: US Judge Dismisses…

Read more →

An issue related to an update to CrowdStrike’s security platform Falcon Sensor has impacted Microsoft Windows Operating Systems, causing global IT outages This article has been indexed from www.infosecurity-magazine.com Read the original article: CrowdStrike Fault Causes Global IT Outages

Read more →

HotPage manipulates browser traffic by hooking into network-based Windows API functions This article has been indexed from www.infosecurity-magazine.com Read the original article: HotPage Malware Hijacks Browsers with Signed Microsoft Driver

Read more →

All SAP AI Core vulnerabilities were reported to SAP by Wiz and have since been fixed This article has been indexed from www.infosecurity-magazine.com Read the original article: SAP AI Core Flaws Expose Sensitive Customer Data and Keys

Read more →

Crypto accounts tied to scammers associated with $162m in crypto losses have been closed as part of Operation Spincaster This article has been indexed from www.infosecurity-magazine.com Read the original article: Chainalysis Launches Public-Private Plans to Crack Down on Crypto Scams

Read more →

MediSecure revealed that the personal and health data of approximately 12.9 million Australians has been affected by the May 2024 attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Nearly 13 Million Australians Affected by MediSecure Attack

Read more →

New figures reveal a massive 1170% increase in people impacted by data breaches in Q2 2024 versus a year ago This article has been indexed from www.infosecurity-magazine.com Read the original article: US Data Breach Victim Numbers Surge 1170% Annually

Read more →

A new UK Cyber Security and Resilience Bill will update the NIS Regulations This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Set to Introduce New Cyber Security and Resilience Bill

Read more →

Qilin’s attack on Synnovis severely impacted key NHS hospitals in London earlier this month This article has been indexed from www.infosecurity-magazine.com Read the original article: Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts

Read more →

The ICO said a lack of security controls led to a large-scale data breach at the London Borough of Hackney Council This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Reprimands London Council for Mass Data Breach

Read more →

The threat actor who claimed the recent Disney hack previously targeted AI-centric games and applications with commodity malware and ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: Understanding NullBulge, the New AI-Fighting ‘Hacktivist’ Group

Read more →

Fortinet observed an 80-90% increase in darknet activity targeting the Olympics between 2023 and 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Paris 2024 Olympics Face Escalating Cyber-Threats

Read more →

Netskope found that 96% of organizations use generative AI applications, with sensitive data frequently shared with these tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Sensitive Data Sharing Risks Heightened as GenAI Surges

Read more →

Interpol claims hundreds of arrests were made as police disrupted the West African Black Axe cybercrime gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Police Swoop on Black Axe Cybercrime Syndicate

Read more →

CISA has told federal agencies to patch a critical GeoServer GeoTools vulnerability under active exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA: Patch Critical GeoServer GeoTools Bug Now

Read more →

Void Banshee targeted North American, European and Southeast Asian regions with the Atlantida stealer This article has been indexed from www.infosecurity-magazine.com Read the original article: MHTML Exploited By APT Group Void Banshee

Read more →

Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group ‘NullBulge’ This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivists Claim Leak Over 1 Terabyte of Disney Data

Read more →

The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor

Read more →

CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivist Groups Target Romania Amid Geopolitical Tensions

Read more →

JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of SMEs Unprepared for Cyber-Threats

Read more →

Russian AV-maker Kaspersky is set to shutter its US operations from Saturday This article has been indexed from www.infosecurity-magazine.com Read the original article: Kaspersky to Quit US Following Commerce Department Ban

Read more →

Russian AV-maker Kaspersky is set to shutter its US operations from Saturday This article has been indexed from www.infosecurity-magazine.com Read the original article: Kaspersky to Quit US This Weekend

Read more →

A Portsmouth University study finds that large numbers of elderly citizens are being harassed by phone fraudsters This article has been indexed from www.infosecurity-magazine.com Read the original article: Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts

Read more →

Sysdig said CRYSTALRAY used a variety of open source security tools to scan for vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools

Read more →

The WordPress plugin has over 20,000 active installations and is used for site backups and update management This article has been indexed from www.infosecurity-magazine.com Read the original article: WP Time Capsule Plugin Update Urged After Critical Security Flaw

Read more →

Barracuda has observed attackers using three different URL protection services to mask their phishing URLs, bypassing email security tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Exploit URL Protections to Disguise Phishing Links

Read more →

US pharmacy chain Rite Aid has confirmed a cybersecurity ‘incident’ in June This article has been indexed from www.infosecurity-magazine.com Read the original article: Pharmacy Giant Rite Aid Hit By Ransomware

Read more →

Google is in talks to acquire security startup Wiz Security This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Lines Up $23bn Swoop For Startup Wiz Security

Read more →

AT&T discloses data breach where hackers accessed customer call logs from a cloud platform in April This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach

Read more →

Clay County, Indiana, said a ransomware attack has prevented the administration of critical services, leading to a disaster declaration being filed This article has been indexed from www.infosecurity-magazine.com Read the original article: Indiana County Files Disaster Declaration Following Ransomware Attack

Read more →

Advance Auto Parts has confirmed a breach of its Snowflake account will impact millions This article has been indexed from www.infosecurity-magazine.com Read the original article: Snowflake Breach at Advance Auto Parts Hits 2.3 Million People

Read more →

NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience This article has been indexed from www.infosecurity-magazine.com Read the original article: NATO Set to Build New Cyber Defense Center

Read more →

An alert from the CISA and the FBI has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Software Makers to…

Read more →

Operation Ticket Heist involves 700 web domains to sell fake Olympic Games tickets to a Russian-speaking audience, QuoIntelligence has found This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Campaign Targets Russians with Fake Olympics Tickets

Read more →

Symantec figures suggest a 9% annual increase claimed ransomware attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Surges Annually Despite Law Enforcement Takedowns

Read more →

Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering This article has been indexed from www.infosecurity-magazine.com Read the original article: Huione Guarantee Marketplace Exposed as Front for Cybercrime

Read more →

Smishing Triad’s MO involves registering fraudulent domain names that mimic legitimate organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Smishing Triad Targets India with Fraud Surge

Read more →

For trusted senders, the flaw is zero-click, but requires one-click interactions for untrusted ones This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

Read more →

A Cisco report highlighted TTPs used by the most prominent ransomware groups to evade detection, establish persistence and exfiltrate sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Groups Prioritize Defense Evasion for Data Exfiltration

Read more →

RT leverages the Meliorator software to create fake personas on social media, US, Canadian and Dutch agencies have found This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Media Uses AI-Powered Software to Spread Disinformation

Read more →

Next DLP study finds majority of security professionals have used unauthorised apps in past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Security Pros Admit Shadow SaaS and AI Use

Read more →

Microsoft has addressed two actively exploited and two publicly disclosed zero-day bugs this month This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Four Zero-Days in July Patch Tuesday

Read more →

In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers

Read more →

Group-IB also revealed the ransomware uses Chacha20 and RSA-OAEP for encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: Eldorado Ransomware Strikes Windows and Linux Networks

Read more →

A joint government advisory warned that the Chinese state-sponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State Actor APT40 Exploits N-Day…

Read more →

Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Avast Provides DoNex…

Read more →

Study confirms most manufacturers with DMARC don’t have it configured to most secure policy This article has been indexed from www.infosecurity-magazine.com Read the original article: Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection

Read more →

Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster This article has been indexed from www.infosecurity-magazine.com Read the original article: Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak

Read more →

The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces This article has been indexed from www.infosecurity-magazine.com Read the original article: New APT CloudSorcerer Malware Hits Russian Targets

Read more →

Trend Micro said the trojan has been observed masquerading as communications from tax agencies This article has been indexed from www.infosecurity-magazine.com Read the original article: Mekotio Trojan Targets Latin American Banking Credentials

Read more →

Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Warns regreSSHion Vulnerability Impacts Multiple…

Read more →

The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia Blocks VPN Services in Information Crackdown

Read more →

Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Thefts Double to $1.4 Billion, TRM Labs Finds

Read more →

A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises This article has been indexed from www.infosecurity-magazine.com Read the original article: 10 Billion Passwords…

Read more →

The Lithuanian data protection authority has imposed a fine of almost $2.5m on second-hand specialist Vinted for breaching GDPR This article has been indexed from www.infosecurity-magazine.com Read the original article: Vinted Fined €2.3m Over Data Protection Failure

Read more →

The EU’s Digital Europe Programme (DEP) will provide over €210m in funding for cybersecurity and digital skills projects This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Opens Applications for Cybersecurity and Digital Skills Funding

Read more →

Law Enforcement Agencies can’t intercept communications without an agreement disabling PET in home routing This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns of Home Routing Challenges For Lawful Interception

Read more →

The action comes in response to concerns over the company’s updated privacy policy This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Faces Suspension of AI Data Training in Brazil

Read more →

Certik observed the loss of $1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector This article has been indexed from www.infosecurity-magazine.com Read the original article: Over $1bn in Cryptocurrency Lost…

Read more →

Roll20 confirmed its administrative website account was accessed by a “bad actor,” leaving its users’ personal information exposed This article has been indexed from www.infosecurity-magazine.com Read the original article: Gamers’ Data Exposed in RPG Platform Roll20 Breach

Read more →

Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying This article has been indexed from www.infosecurity-magazine.com Read the original article: New Ransomware Group Phones Execs to Extort Payment

Read more →

Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s NCA Leads Major Cobalt Strike Takedown

Read more →

The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a China-based entity This article has been indexed from www.infosecurity-magazine.com Read the original article: WordPress Plugins at Risk From Polyfill Library Compromise

Read more →

The vulnerabilities stem from manipulable custom classes in PanelView Plus This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Uncovers Major Flaws in Rockwell PanelView Plus

Read more →

Orange Cyberdefense’s latest Cy-Xplorer report shows a 77% rise in cyber extortion, with SMBs impacted 4.2 times more often than large enterprises This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Extortion Soars: SMBs Hit Four Times…

Read more →

A ThinkCyber survey conducted at Infosecurity Europe 2024 found that half of employees are afraid of reporting security mistakes This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Employees Fear Punishment for Reporting Security Mistakes

Read more →

Payments professionals have highlighted authorized push payment (APP) fraud as the top threat facing businesses and consumers This article has been indexed from www.infosecurity-magazine.com Read the original article: APP Fraud Singled Out as Biggest Financial Crime Threat

Read more →

A new report reveals the hidden mental health toll of ransomware attacks on victims, urging a focus on well-being alongside data and system recovery This article has been indexed from www.infosecurity-magazine.com Read the original article: New RUSI Report Exposes Psychological…

Read more →

Police have arrested 54 suspected members of a vishing group who stole the life savings of scores of victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Dozens of Arrests Disrupt €2.5m Vishing Gang

Read more →

Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging This article has been indexed from www.infosecurity-magazine.com Read the original article: Mobile Political Spam Surges Threefold For 2024 Election

Read more →

The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents This article has been indexed from www.infosecurity-magazine.com Read the original article: Chrome Update Will Block Entrust Certificates by November 2024

Read more →

Comparitech calculated that the average ransom demand was over $5.2m in the first six months of 2024, with 421 confirmed incidents during this period This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Demands Reach a…

Read more →

The former CEO and COO of a health startup will spend years in jail after conducting a large-scale fraud scheme This article has been indexed from www.infosecurity-magazine.com Read the original article: Health Tech Execs Get Jail Time For $1bn Fraud…

Read more →

Cisco has patched a zero-day vulnerability exploited by a Chinese APT group to compromise Nexus switches This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group

Read more →

The EU Commission said Meta’s pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta’s ‘Pay or Consent’ Data Model…

Read more →

A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical OpenSSH…

Read more →

Evil twin Wi-Fi access points mimicked legitimate networks to capture personal data from unsuspecting victims who mistakenly connected to them This article has been indexed from www.infosecurity-magazine.com Read the original article: Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting…

Read more →

Insurance broker Howden says premiums are falling as security best practice takes hold This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Insurance Premiums Decline as Firms Build Resilience

Read more →

Outsourcer Infosys McCamish Systems has revealed millions of victims were impacted by a ransomware attack last year This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems

Read more →

Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard This article has been indexed from www.infosecurity-magazine.com Read the original article: TeamViewer Cyber-Attack Attributed to Russian APT Midnight…

Read more →

From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Workforce Grows 15% at…

Read more →

Google warned of high levels of activity from Chinese influence operator Dragon Bridge, which is increasingly experimenting with generative AI tools to create content This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Thwarts Over 10,000 Attempts…

Read more →

The data from Bugcrowd also reveals 40% of them think most firms don’t understand breach risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISOs Reveal Firms Prioritize Savings Over Long-Term Security

Read more →

The operation, orchestrated by Interpol, resulted in the arrest of 3950 suspects This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation First Light Seizes $257m in Global Scam Bust

Read more →

A CISA analysis in collaboration with international partners concluded most critical open source projects potentially contain memory safety vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of Critical Open Source Projects Contain Memory Unsafe Code

Read more →

The US government is offering up to $10m for information on Amin Timovich Stigal’s location or his malicious cyber activity This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Russian Individual for Pre-Invasion Ukraine Hack

Read more →

Corelight study claims many IT leaders see benefit of GenAI but similar share are concerned about data exposure This article has been indexed from www.infosecurity-magazine.com Read the original article: IT Leaders Split on Using GenAI For Cybersecurity

Read more →

A new report warns that Chinese APT groups are using ransomware to conceal cyber-espionage activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State Actors Use Ransomware to Conceal Real Intent

Read more →

Two authentication bypass vulnerabilities affect Progress Software’s MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway This article has been indexed from www.infosecurity-magazine.com Read the original article: Progress Discloses Two New Vulnerabilities in MOVEit Products

Read more →

A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon This article has been indexed from www.infosecurity-magazine.com Read the original article: Novel Banking Malware Targets Customers in Southeast…

Read more →

A growing number of malware operators have turned to cloud-based command and control servers to deploy malicious campaigns, Fortinet researchers found This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Attackers Turn to Cloud Services to Deploy…

Read more →

Identity-related crimes declined 16% annually in 2023 with the majority related to compromised credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Identity Crime Reports Drop 16% Annually but Job Scams Surge

Read more →

The FBI has urged cryptocurrency scam victims to be on the alert for fraudsters posing as lawyers This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Law Firms Con Victims of Crypto Scams, Warns FBI

Read more →

Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas This article has been indexed from www.infosecurity-magazine.com Read the original article: New Medusa Trojan Variant Emerges with Enhanced Stealth Features

Read more →

According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Sees 230% Rise in Singapore Identity Theft

Read more →

A Thales report found that 44% of organizations have experienced a cloud data breach, with human error and misconfigurations the leading root causes This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Breaches Impact Nearly Half of…

Read more →