Tag: http://www.infosecurity-magazine.com/rss/news/76/application-security/

Operation Zero will pay $20m for exploits like RCE, LPE and SBX, integral to a full-chain attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Company Offers $20m For Non-NATO Mobile Exploits

Read more →

Operation Zero will pay $20m for exploits like RCE, LPE and SBX, integral to a full-chain attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Russian Company Offers $20M For Non-NATO Mobile Exploits

Read more →

Malwarebytes said the goal of these tactics is to lure victims into downloading malicious software This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft’s Bing AI Faces Malware Threat From Deceptive Ads

Read more →

The surge in these attacks has prompted DomainTools to delve into their origins and implications This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Phishing, Smishing Surge Targets US Postal Service

Read more →

UK ICO issues call after damaging police leak This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Privacy Regulator Orders End to Spreadsheet FOI Responses

Read more →

Chinese actor Storm-0558 compromised Outlook accounts This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Breach Exposed 60,000 State Department Emails

Read more →

CVSS 10.0 flaw was found in the WS_FTP Server software This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MOVEit Developer Patches Critical File Transfer Bugs

Read more →

Symantec explained that the attack leveraged a new variant of Budworm’s SysUpdate backdoor This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Budworm APT Evolves Toolset, Targets Telecoms and Government

Read more →

Perception Point research highlights the extensive reach of this issue, affecting hotels and resorts on a global scale This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Booking.com Customers Targeted in Major Phishing Campaign

Read more →

The Trojan utilizes the Obfuscapk obfuscator for Android APK files, Kaspersky explained This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Android Banking Trojan Zanubis Evolves to Target Peruvian Users

Read more →

If the US government shutdown occurs, it is expected that 80% of CISA employees will be furloughed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Lawmaker: Government Shutdown Will Leave Americans Exposed to Cyber-Attacks

Read more →

It’s the fifth zero-day to be fixed this year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Google Patches Chrome Zero-Day Used in Spyware Attacks

Read more →

BlackTech group blamed for cyber-espionage operation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US and Japan Warn of Chinese Router Attacks

Read more →

Kettering-based KNP Logistics Group was hit in June This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Logistics Firm Forced to Close After Ransomware Breach

Read more →

Patchstack uncovered an unauthenticated role privilege escalation flaw and an account takeover vulnerability This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Simple Membership Plugin Flaws Expose WordPress Sites

Read more →

According to Resecurity, Ransomed.vc is demanding a ransom of over $1m from NTT Docomo This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims

Read more →

Abnormal Security also found a 167% increase in advanced email attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Attacks Increase By 279% in Healthcare

Read more →

Lorraine Dryland, CISO at First Sentier Investors, discusses how to help executives make fast and informed decisions when presented with a ransomware demand This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Leading CISO Creates Model for Ransomware…

Read more →

Russia-backed cyber-attacks in Ukraine jumped 123% in the first half of 2023 – but were less critical than in 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet

Read more →

ICO says handling of domestic abuse victims’ data must improve This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Regulator Warns Breaches Can Cost Lives

Read more →

Region also experiences most DDoS events This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Attacks on European Financial Services Double in a Year

Read more →

UK security agency opens scheme to certify assured providers This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: NCSC Launches Cyber Incident Exercise Scheme

Read more →

Region also experiences most DDoS events This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Attacks on EMEA Financial Services Double in a Year

Read more →

ThreatFabric explained the malware relies on deceptive phishing webpages posing as a Chrome update This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: More than 30 US Banks Targeted in New Xenomorph Malware Campaign

Read more →

Discovered by Proofpoint, ZenRAT is a modular remote access trojan targeting Windows users This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ZenRAT Malware Uncovered in Bitwarden Impersonation

Read more →

The investigation was conducted by Group-IB, Bridewell and threat researcher Michael Koczwara This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: ShadowSyndicate Investigation Reveals RaaS Ties

Read more →

Almost half of organizations have failed to report cyber-attacks to the appropriate authorities in 2023 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Half of Cyber-Attacks Go Unreported

Read more →

Financial services targeted remorselessly over past year This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pension Firms Report 4000% Surge in Breaches

Read more →

Agency says it will help firms better manage supply chain risk This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Publishes Hardware Bill of Materials Framework

Read more →

IBM, Microsoft, MITRE and others join forces This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Tech Giants Launch Post-Quantum Cryptography Coalition

Read more →

Unit 42 uncovered three separate threat actor clusters: Stately Taurus, Alloy Taurus and Gelsemium This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Sophisticated APT Clusters Target Southeast Asia

Read more →

This extensive operation is directed at Tibetan, Uyghur and Taiwanese individuals and organizations This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China-Linked EvilBamboo Targets Mobiles

Read more →

The move aims to combat the rampant spread of misinformation among American voters This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Voting Equipment Giants Team Up For Security

Read more →

The decentralized finance network has suspended deposits and withdrawals after what could be one of the biggest cyber-attacks on cryptocurrency projects This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Web3 Platform Mixin Network Hit by $200m Crypto…

Read more →

National Student Clearinghouse reveals more details of incident This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Almost 900 US Schools Breached Via MOVEit

Read more →

Malware is linked to UAE-backed spies This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Researchers Spot Novel “Deadglyph” Backdoor

Read more →

Nigerian was extradited to the US from Canada This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: BEC Scammer Pleads Guilty to Part in $6m Scheme

Read more →

National Student Clearinghouse reveals more details of incident This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Almost US 900 Schools Breached Via MOVEit

Read more →

Tabletop exercise assessed the cybersecurity response capabilities, plans and procedures for the event This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA and NFL Collaborate to Secure Super Bowl LVIII

Read more →

Kaspersky said these services range from $20 per day to $10,000 a month This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023

Read more →

SentinelLabs said the group’s tactics focus on stealthy lateral movements and minimal interactions This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit

Read more →

Experts at the mWISE conference discussed who is behind the surge in zero-day exploits This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #mWISE: Why Zero Days Are Set for Highest Year on Record

Read more →

Maryland resident faces possible death penalty This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Government IT Staffer Arrested on Espionage Charges

Read more →

NCSC hopes research will inform future standards This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK Security Agency Publishes New Crypto Designs

Read more →

Bugs were found by Citizen Lab and Google This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Apple Patches Three Actively Exploited Zero-Days

Read more →

The agreement, which represents an extension to the EU-US Data Privacy Framework, will enable the free flow of personal data between the UK and US This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK-US Confirm Agreement for…

Read more →

The Trend Micro report observed that small organizations are being increasingly targeted by ransomware gangs, including LockBit and BlackCat This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Ransomware Victims Surge by 47% with Gangs Targeting Small…

Read more →

Netacea warns of growing threat from malicious automation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Bot Attack Costs Double to $86m Annually

Read more →

Norton report warns generative AI is making an impact This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Scams Now Make Up 75% of Cyber-Threats

Read more →

Experts believe attacks have ramped up recently This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Government in Snatch Ransomware Warning

Read more →

The Ponemon and DTEX report found that the average annual cost of insider risks has risen by 40% over four years This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #NITAM: Average Annual Cost of Insider Incidents Reaches…

Read more →

A new legal requirement for medical devices in the US will introduce the first-ever SBOM mandate for the consumer market This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #mWISE: US to Implement Game-Changing Cyber Mandates on Medical…

Read more →

ICC says it’s putting additional protections in place This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: International Criminal Court Reveals Security Breach

Read more →

One in 10 have suffered from fraud in past 12 months This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Brits Lose $9.3bn to Scams in a Year

Read more →

Customs officers announce seizure of Piilopuoti server This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Finnish Authorities Shutter Dark Web Drugs Marketplace

Read more →

China is rising as a cyber superpower, sponsoring not just ever more highly sophisticated espionage campaigns, but also venturing into cybercrime and disinformation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #mWISE: Chinese Cyber Power Bigger Than…

Read more →

The new backdoor is being used by Earth Lusca to conduct cyber-espionage campaigns, primarily against governments in Asia and the Balkans This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chinese Group Exploiting Linux Backdoor to Target Governments

Read more →

FBI director Christopher Wray said that partnerships with the private sector have changed the FBI’s approach to fighting cybercrime This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: #mWISE: FBI Director Urges Greater Private-Public Collaboration Against Cybercrime

Read more →

Database compromise dates back to March 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actor Claims Major TransUnion Data Breach

Read more →

Database compromise dates back to March 2022 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Threat Actor Claims Major TransUnion Customer Data Breach

Read more →

US manufacturer can’t say when operations will return to normal This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Clorox Struggling to Recover From August Cyber-Attack

Read more →

An overly permissive Shared Access Signature (SAS) token was to blame This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft AI Researchers Leak 38TB of Private Data

Read more →

Sophos researchers highlight a highly sophisticated operation utilizing fake trading pools of cryptocurrency from DeFi trading applications This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fraudsters Steal Over $1m in Three Weeks Through ‘Pig Butchering’ Crypto Scam

Read more →

Around 25,000 global victims will receive full compensation This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Another $40m Dispersed to Western Union Fraud Victims

Read more →

Global cops support Spanish investigation into massive fraud This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Illegal Betting Ring Used Satellite Tech to Get Scoop on Results

Read more →

Chinese social media giant broke GDPR several times over This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: TikTok Fined $368m For Child Data Privacy Offenses

Read more →

Palo Alto Networks found that over 45% of organizations’ high-risk exposures in the cloud were due to cloud providers introducing new services This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud to Blame for Almost all Security…

Read more →

The report says China is likely to launch destructive cyber-attacks against the US Homeland in the event of a military conflict This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: China’s Malicious Cyber Activity Informing War Preparations, Pentagon…

Read more →

Incident exposed personal information at 3200 vendors This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pirated Software Likely Cause of Airbus Breach

Read more →

APT33 activity resulted in data theft from small number of victims This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Iranian Threat Group Hits Thousands With Password Spray Campaign

Read more →

Attackers compromised loyalty program data via supplier This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Caesars Entertainment Reveals Major Ransomware Breach

Read more →

Officers working undercover or in sensitive roles like intelligence could be exposed This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Manchester Police Officers’ Data Breached in Third-Party Attack

Read more →

A new court filing from the US Department of Justice suggests the billionaire “may have jeopardized data privacy and security” at Twitter, now known as X This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Elon Musk in…

Read more →

North Korean actors have become prolific crypto-thieves This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Blamed For $53m Heist at CoinEx

Read more →

Symantec says it was used in a failed LockBit attack This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Wake-Up Call as 3AM Ransomware Variant Is Discovered

Read more →

But IBM warns credential compromise is number one initial access vector This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cloud Vulnerabilities Surge 200% in a Year

Read more →

The new campaign is believed to be perpetrated by Storm-0324, which distributes the payloads of other attackers after achieving initial network compromise This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: New Microsoft Teams Phishing Campaign Targets Corporate…

Read more →

The malware researchers’ collective Vx-underground claimed that ALPHV/BlackCat was behind the attack against the casino giant This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MGM Criticized for Repeated Security Failures

Read more →

The parliamentary inquiry heard there are “particular shortages” of cybersecurity experts in the civil service, with pay restraints a major factor This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Chilling Lack of Cyber Experts in UK Government,…

Read more →

Microsoft announces updates for around 60 CVEs This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Microsoft Fixes Two Zero-Day Bugs Used in Attacks

Read more →

New roadmap will cover Fiscal Year 2024-26 This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: CISA Publishes Plan to Enhance Open Source Security

Read more →

Data protection regulator and security agency sign MoU This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: UK ICO and NCSC Set to Share Anonymized Threat Intelligence

Read more →

According to Fortinet security expert Cara Lin, the attack begins with a phishing email This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Windows Systems Targeted in Multi-Stage Malware Attack

Read more →

SlashNext research shows that most of these tools connect to jailbroken versions of public chatbots This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cyber-criminals “Jailbreak” AI Chatbots For Malicious Ends

Read more →

The incident disrupted key company services, impacting website, bookings and in-casino functions This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: MGM Resorts Hit By Cyber-Attack, Systems Down

Read more →

The report highlights the complex supply chain involved in ransomware attacks, requiring a more holistic approach to be taken by governments This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Fighting Individual Ransomware Strains Fruitless, UK Agencies Suggest

Read more →

Symantec warns of mounting threat to critical infrastructure This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Redfly Group Compromises National Power Grid

Read more →

Federal agencies have one month to fix BlastPass vulnerabilities This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: US Government Ordered to Urgently Patch Apple Zero-Day Bugs

Read more →

Policing group releases first ever report on the topic This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Europol: Financial Crime Makes “Billions” and Impacts “Millions”

Read more →

Kaspersky found suspicious files in December 2022 which activated the komar65 library known as BUGHATCH This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Cuba Ransomware Group Unleashes Undetectable Malware

Read more →

ESET explained the impact of the supply chain attack translated to a 16.8% increase in Trojan detections This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Lazarus Group Targets macOS in Supply Chain Assault

Read more →

Beavers emphasized ongoing modernization initiatives for IT architecture and user experience This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Pentagon Urges Collaboration in Cyber Defense

Read more →

The report found that many boards struggle to challenge what they hear about cybersecurity from their organization’s CISO This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Board Members Struggling to Understand Cyber Risks

Read more →

The government’s email system has suffered from a massive ransomware attack in August This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data

Read more →

Maidstone’s St Augustine Academy is latest victim This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: IT Systems Encrypted After UK School Hit By Ransomware

Read more →

Victims were targeted by follow-on phishing attacks This article has been indexed from http://www.infosecurity-magazine.com/rss/news/76/application-security/ Read the original article: AP Stylebook Breach May Have Hit Hundreds of Journalists

Read more →