Critical flaws include those in Oracle Supply Chain products This article has been indexed from www.infosecurity-magazine.com Read the original article: Oracle To Address 320 Vulnerabilities in January Patch Update
Tag: www.infosecurity-magazine.com
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
Most European Privacy Teams Are Understaffed and Underfunded
ISACA research claims privacy budgets are set to decline further in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Most European Privacy Teams Are Understaffed and Underfunded
HPE Launches Investigation After Hacker Claims Data Breach
HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale This article has been indexed from www.infosecurity-magazine.com Read the original article: HPE Launches Investigation After Hacker Claims Data Breach
Indian APT Group DONOT Misuses App for Intelligence Gathering
Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering This article has been indexed from www.infosecurity-magazine.com Read the original article: Indian APT Group DONOT Misuses App for Intelligence Gathering
Ukraine’s State Registers Restored Following Cyber-Attack
The December 2024 cyber-attack on the country’s state registers, was attributed to Russian military intelligence services This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine’s State Registers Restored Following Cyber-Attack
US Sanctions Chinese Hackers for Treasury, Telecom Breaches
The US has issued sanctions against an individual and a company involved in recent high-profile compromises of government officials by Chinese state-affiliated hackers This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Chinese Hackers for Treasury,…
Former CIA Analyst Pleads Guilty to Sharing Top Secret Files
CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Former CIA Analyst Pleads Guilty to Sharing Top Secret Files
Data on Half a Million Hotel Guests Exposed After Otelier Breach
At least half a million accounts have been compromised after a breach at hotel management software firm Otelier This article has been indexed from www.infosecurity-magazine.com Read the original article: Data on Half a Million Hotel Guests Exposed After Otelier Breach
US Supreme Court Gives Green Light to TikTok Ban
The Supreme Court has upheld a law that could potentially ban TikTok in the US This article has been indexed from www.infosecurity-magazine.com Read the original article: US Supreme Court Gives Green Light to TikTok Ban
Lazarus Group Targets Developers in New Data Theft Campaign
SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Developers…
Star Blizzard Targets WhatsApp in New Campaign
Microsoft highlighted a new Star Blizzard campaign targeting WhatsApp accounts, as the group adapts its TTPs following the takedown of its infrastructure by law enforcement This article has been indexed from www.infosecurity-magazine.com Read the original article: Star Blizzard Targets WhatsApp…
Noyb Files GDPR Complaints Against TikTok and Five Chinese Tech Giants
AliExpress, Shein, Temu, TikTok, WeChat and Xiaomi are accused of operating unlawful data transfers to China This article has been indexed from www.infosecurity-magazine.com Read the original article: Noyb Files GDPR Complaints Against TikTok and Five Chinese Tech Giants
DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds
The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms This article has been indexed from www.infosecurity-magazine.com Read the original article: DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds
Middle Eastern Real Estate Fraud Grows with Online Listings
Middle East real estate scams are surging as fraudsters exploit online listings and bypassed due diligence checks This article has been indexed from www.infosecurity-magazine.com Read the original article: Middle Eastern Real Estate Fraud Grows with Online Listings
Trump’s Truth Social Users Targeted by Rampant Scams Online
Truth Social, launched by the Trump Media & Technology Group in 2022, has become a hotspot for scams like phishing and investment fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump’s Truth Social Users Targeted by…
Biden Tightens Software Supply Chain Security Requirements Ahead of Trump Takeover
The US President’s second cybersecurity Executive Order will impose stricter security standards on software providers This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Tightens Software Supply Chain Security Requirements Ahead of Trump Takeover
DORA Compliance Costs Soar Past €1m for Many UK and EU Businesses
Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over €1 million, according to research from Rubrik This article has been indexed from www.infosecurity-magazine.com Read the original article: DORA Compliance Costs Soar Past €1m for Many UK…
New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls
The leak likely comes from a zero-day exploit affecting Fortinet’s products This article has been indexed from www.infosecurity-magazine.com Read the original article: New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls
Hackers Use Image-Based Malware and GenAI to Evade Email Security
HP Wolf highlighted novel techniques used by attackers to bypass email protections, including embedding malicious code inside images and utilizing GenAI This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Use Image-Based Malware and GenAI to Evade…
GoDaddy Accused of Serious Security Failings by FTC
A proposed settlement order from the FTC will require GoDaddy to strengthen its security practices following multiple data breaches at the web hosting giant This article has been indexed from www.infosecurity-magazine.com Read the original article: GoDaddy Accused of Serious Security…
EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity
A new EU action plan will be structured around four pillars: prevention, threat detection and identification, response to cyber-attacks and deterrence This article has been indexed from www.infosecurity-magazine.com Read the original article: EU To Launch New Support Centre by 2026…
CISA Launches Playbook to Boost AI Cybersecurity Collaboration
CISA launched the JCDC AI Cybersecurity Playbook to enhance collaboration on AI cybersecurity risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Launches Playbook to Boost AI Cybersecurity Collaboration
Chinese PlugX Malware Deleted in Global Law Enforcement Operation
The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity firm Sekoia.io This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese PlugX Malware Deleted in Global Law…
Multi-Cloud Adoption Surges Amid Rising Security Concerns
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Multi-Cloud Adoption Surges Amid Rising Security Concerns
Illicit Crypto-Inflows Set to Top $51bn in a Year
Chainalysis estimates threat actors made at least $51bn through crypto crime in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Illicit Crypto-Inflows Set to Top $51bn in a Year
Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
The security provider published mitigation measures to prevent exploitation This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls
Secureworks Exposes North Korean Links to Fraudulent Crowdfunding
Secureworks Counter Threat Unit (CTU) has identified links between North Korean IT workers and fraudulent crowdfunding activities, with the group known as Nickle Tapestry orchestrating scams to support North Korean interests This article has been indexed from www.infosecurity-magazine.com Read the…
Microsoft Patches Eight Zero-Days to Start the Year
Patch Tuesday saw Microsoft fix eight zero-days, three of which are being actively exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patches Eight Zero-Days to Start the Year
New AI Rule Aims to Prevent Misuse of US Technology
A new Interim Final Rule on Artificial Intelligence Diffusion issued in the US strengthens security, streamlines chip sales and prevents misuse of AI technology This article has been indexed from www.infosecurity-magazine.com Read the original article: New AI Rule Aims to…
Browser-Based Cyber-Threats Surge as Email Malware Declines
Browser-based cyber-threats surged in 2024, with credential abuse and infostealers on the rise This article has been indexed from www.infosecurity-magazine.com Read the original article: Browser-Based Cyber-Threats Surge as Email Malware Declines
Manchester Law Firm Leads 15,000 to Sue Google and Microsoft over AI Data
Barings Law is planning to sue the two tech giants over numerous alleged violations of data misuse, including for AI training This article has been indexed from www.infosecurity-magazine.com Read the original article: Manchester Law Firm Leads 15,000 to Sue Google…
UK Considers Ban on Ransomware Payments by Public Bodies
A UK government consultation has proposed banning public sector and critical infrastructure organizations from making ransomware payments to disincentivize attackers from targeting these services This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Considers Ban on Ransomware…
Remediation Times Drop Sharply as Cyber Hygiene Take Up Surges
CISA claims US critical infrastructure providers are improving cyber hygiene and remediation activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Remediation Times Drop Sharply as Cyber Hygiene Take Up Surges
UK Registry Nominet Breached Via Ivanti Zero-Day
The .uk registry Nominet has been breached by a recently disclosed zero-day vulnerability in Ivanti products This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Registry Nominet Breached Via Ivanti Zero-Day
Critical Infrastructure Urged to Scrutinize Product Security During Procurement
A joint government advisory has set out steps critical infrastructure firms should take to ensure any OT products they purchase are secure by design This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Infrastructure Urged to Scrutinize…
Russian Malware Campaign Hits Central Asian Diplomatic Files
Diplomatic entities in Kazakhstan and Central Asia have been targeted by UAC-0063 using weaponized Word docs deploying HATVIBE malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Malware Campaign Hits Central Asian Diplomatic Files
Microsoft 365 MFA Outage Fixed
Microsoft confirmed an outage of its multi-factor authentication system impacting access to Microsoft 365, causing login failures and service disruption This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft 365 MFA Outage Fixed
New Ransomware Group Uses AI to Develop Nefarious Tools
Researchers at Check Point said FunkSec operators appear to use AI for malware development This article has been indexed from www.infosecurity-magazine.com Read the original article: New Ransomware Group Uses AI to Develop Nefarious Tools
WEF Warns of Growing Cyber Inequity Amid Escalating Complexities in Cyberspace
A new WEF report highlighted growing disparities in the cyber capabilities of different types of organizations and regions This article has been indexed from www.infosecurity-magazine.com Read the original article: WEF Warns of Growing Cyber Inequity Amid Escalating Complexities in Cyberspace
Three Russians Charged with Crypto Mixer Money Laundering
Three Russian men have been indicted on money laundering charges connected to cryptocurrency mixers This article has been indexed from www.infosecurity-magazine.com Read the original article: Three Russians Charged with Crypto Mixer Money Laundering
Telefonica Breach Hits 20,000 Employees and Exposes Jira Details
Telefonica has confirmed a breach of its internal ticketing system exposing more than 236,000 lines of customer data This article has been indexed from www.infosecurity-magazine.com Read the original article: Telefonica Breach Hits 20,000 Employees and Exposes Jira Details
Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer
CrowdStrike warned it had observed a phishing campaign impersonating the firm’s recruitment process to lure victims into downloading cryptominer This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Use Fake CrowdStrike Job Offers to Distribute Cryptominer
Slovakia Hit by Historic Cyber-Attack on Land Registry
A large-scale cyber-attack has targeted the information system of Slovakia’s land registry, impacting the management of land and property records This article has been indexed from www.infosecurity-magazine.com Read the original article: Slovakia Hit by Historic Cyber-Attack on Land Registry
Medusind Breach Exposes Sensitive Patient Data
The US medical billing firm is notifying over 360,000 customers that their personal, financial and medical data may have been exposed This article has been indexed from www.infosecurity-magazine.com Read the original article: Medusind Breach Exposes Sensitive Patient Data
Fake PoC Exploit Targets Security Researchers with Infostealer
Trend Micro detailed how attackers are using a fake proof-of-concept for a critical Microsoft vulnerability, designed to steal sensitive data from security researchers This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake PoC Exploit Targets Security Researchers…
Fancy Product Designer Plugin Flaws Expose WordPress Sites
Critical Fancy Product Designer plugin flaws risk remote code execution and SQL injection attacks on WordPress sites This article has been indexed from www.infosecurity-magazine.com Read the original article: Fancy Product Designer Plugin Flaws Expose WordPress Sites
Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace
Cyber-attacks by China-linked MirrorFace targeted Japan’s national security information in major campaigns operating since 2019 This article has been indexed from www.infosecurity-magazine.com Read the original article: Japan Faces Prolonged Cyber-Attacks Linked to China’s MirrorFace
PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak
A school district said that PowerSchool paid a ransom to prevent the attackers releasing data it accessed of students and teachers in North America This article has been indexed from www.infosecurity-magazine.com Read the original article: PowerSchool Reportedly Pays Ransom to…
EU Commission Liable for Breaching EU’s Own Data Protection Rules
A court has ruled the EU Commission infringed an individual’s right to the protection of their personal data by transferring their details to the US This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Commission Liable for…
Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience
The UK government has pledged nearly £2m to 30 new Cyber Local projects designed to enhance cyber resilience This article has been indexed from www.infosecurity-magazine.com Read the original article: Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience
Critical Ivanti Zero-Day Exploited in the Wild
Ivanti customers are urged to patch two new bugs in the security vendor’s products, one of which is being actively exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Ivanti Zero-Day Exploited in the Wild
Green Bay Packers Pro Shop Data Breach Compromises Customers
The Green Bay Packers disclosed on Monday that their official online store was breached and customer information stolen This article has been indexed from www.infosecurity-magazine.com Read the original article: Green Bay Packers Pro Shop Data Breach Compromises Customers
US Launches Cyber Trust Mark for IoT Devices
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions This article has been indexed from www.infosecurity-magazine.com Read the original article: US Launches Cyber Trust Mark for IoT Devices
Scammers Exploit Microsoft 365 to Target PayPal Users
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients This article has been indexed from www.infosecurity-magazine.com Read the original article: Scammers Exploit Microsoft 365 to Target PayPal Users
Casio Admits Security Failings as Attackers Leak Employee and Customer Data
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners This article has been indexed from www.infosecurity-magazine.com Read the original article: Casio Admits Security Failings as Attackers Leak Employee and Customer Data
New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices This article has been indexed from www.infosecurity-magazine.com Read the original article: New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
Fake Government Officials Use Remote Access Tools for Card Fraud
Group-IB has observed scammers impersonating government officials to trick disaffected consumers into divulging card details This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Government Officials Use Remote Access Tools for Card Fraud
New Research Highlights Vulnerabilities in MLOps Platforms
New research by Security Intelligence has revealed security risks in MLOps platforms including Azure ML, BigML and Google Vertex AI This article has been indexed from www.infosecurity-magazine.com Read the original article: New Research Highlights Vulnerabilities in MLOps Platforms
Moxa Urges Immediate Updates for Security Vulnerabilities
Moxa has reported two critical vulnerabilities in its routers and network security appliances that could allow system compromise and arbitrary code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: Moxa Urges Immediate Updates for Security Vulnerabilities
Phishing Click Rates Triple in 2024
Netskope observed a 190% growth in enterprise users clicking phishing links as attackers become more creative in delivering effective lures This article has been indexed from www.infosecurity-magazine.com Read the original article: Phishing Click Rates Triple in 2024
UK Government to Ban Creation of Explicit Deepfakes
The UK government is cracking down on the generation of sexually explicit deepfakes in a bid to protect women and girls This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government to Ban Creation of Explicit Deepfakes
CISA Claims Treasury Breach Did Not Impact Other Agencies
The US Cybersecurity and Infrastructure Security Agency claims a recent China-linked breach was confined to the Treasury This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Claims Treasury Breach Did Not Impact Other Agencies
Supply Chain Attack Targets Key Ethereum Development Tools
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Supply Chain Attack Targets Key Ethereum Development Tools
New PhishWP Plugin Enables Sophisticated Payment Page Scams
The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram This article has been indexed from www.infosecurity-magazine.com Read the original article: New PhishWP Plugin Enables Sophisticated Payment Page Scams
Chinese Hackers Double Cyber-Attacks on Taiwan
Taiwan’s security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Double Cyber-Attacks on Taiwan
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame This article has been indexed from www.infosecurity-magazine.com Read the original article: New Infostealer Campaign Uses Discord Videogame Lure
Scammers Drain $500m from Crypto Wallets in a Year
Scam Sniffer claims that threat actors used wallet drainers to steal $494m from victims in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Scammers Drain $500m from Crypto Wallets in a Year
US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks
The US government said that China based firm Integrity Technology Group provided infrastructure for Flax Typhoon to attack multiple US targets This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Chinese Cybersecurity Firm for Global Botnet…
Atos Group Denies Space Bears’ Ransomware Attack Claims
Atos Group has denied the ransomware group Space Bears’ claims of compromising its database, calling the allegations unfounded This article has been indexed from www.infosecurity-magazine.com Read the original article: Atos Group Denies Space Bears’ Ransomware Attack Claims
Crypto Boss Extradited to Face $40bn Fraud Charges
Former Terraform CEO Do Hyeong Kwon is now in the US facing federal fraud charges This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Boss Extradited to Face $40bn Fraud Charges
DDoS Disrupts Japanese Mobile Giant Docomo
Docomo has revealed a DDoS attack on Thursday took down key services This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Disrupts Japanese Mobile Giant Docomo
Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses
The amount of crypto stolen in the Web3 ecosystem rose by 31.6% compared to 2023, with phishing the most costly attack vector This article has been indexed from www.infosecurity-magazine.com Read the original article: Web3 Attacks Result in $2.3Bn in Cryptocurrency…
Apple Agrees $95M Settlement Over Siri Privacy Violations
Apple has agreed to a $95m settlement in a class action lawsuit alleging Siri privacy violations, with eligible users receiving up to $20 per Siri-enabled device This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple Agrees $95M…
US Confirms Russian GenAI Disinformation Op Targeted Election
The US government has sanctioned Russian state-affiliated entity CGE, which used a vast GenAI infrastructure to spread disinformation during the US Presidential election This article has been indexed from www.infosecurity-magazine.com Read the original article: US Confirms Russian GenAI Disinformation Op…
Global Campaign Targets PlugX Malware with Innovative Portal
Sekoia’s innovative PlugX malware disinfection campaign removed active threats across ten countries This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Campaign Targets PlugX Malware with Innovative Portal
New DoubleClickjacking Attack Bypasses Protections
DoubleClickjacking bypasses X-Frame-Options and SameSite cookies in double-click sequences, exposing UI authentication flaws This article has been indexed from www.infosecurity-magazine.com Read the original article: New DoubleClickjacking Attack Bypasses Protections
HIPAA Rules Update Proposed to Combat Healthcare Data Breaches
The US government has set out proposals to increase security obligations on healthcare providers to protect patient data amid surging cyber-attacks in the sector This article has been indexed from www.infosecurity-magazine.com Read the original article: HIPAA Rules Update Proposed to…
Hackers Leak Rhode Island Citizens’ Data on Dark Web
The State of Rhode Island has confirmed that cybercriminals have begun publishing data stolen from its social services portal, the RIBridges system This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Leak Rhode Island Citizens’ Data on…
Dozens of Chrome Browser Extensions Hijacked by Data Thieves
Over 2.5 million end users are at risk as researchers discover 36 compromised Chrome extensions This article has been indexed from www.infosecurity-magazine.com Read the original article: Dozens of Chrome Browser Extensions Hijacked by Data Thieves
US Treasury Computers Accessed by China in Supply Chain Attack
Chinese hackers appear to have compromised Treasury machines via a trusted third party This article has been indexed from www.infosecurity-magazine.com Read the original article: US Treasury Computers Accessed by China in Supply Chain Attack
Majority of UK SMEs Lack Cybersecurity Policy
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms This article has been indexed from www.infosecurity-magazine.com Read the original article: Majority of…
CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
The vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other a infostealers This article has been indexed from www.infosecurity-magazine.com Read the original article: Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM This article has been indexed from www.infosecurity-magazine.com Read the original article: US and Japan Blame North Korea for $308m Crypto…
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group This article has been indexed from www.infosecurity-magazine.com Read the original article: Spyware Maker NSO Group Liable for WhatsApp User Hacks
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks This article has been indexed from www.infosecurity-magazine.com Read the original article: Major Biometric Data Farming Operation Uncovered
Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP
The vulnerabilities, now patched, posed significant risks, including unauthorized file uploads, privilege escalation and SQL injection attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a ransomware attack This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Exposes Data of 5.6 Million…
Cryptomining Malware Found in Popular Open Source Packages
Cryptomining malware hits popular npm packages rspack and vant, posing risks to open source tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Cryptomining Malware Found in Popular Open Source Packages
Interpol Identifies Over 140 Human Traffickers in New Initiative
A new digital operation has enabled Interpol to identify scores of human traffickers operating between South America and Europe This article has been indexed from www.infosecurity-magazine.com Read the original article: Interpol Identifies Over 140 Human Traffickers in New Initiative
ICO Warns of Mobile Phone Festive Privacy Snafu
The Information Commissioner’s Office has warned that millions of Brits don’t know how to erase personal data from their old devices This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Warns of Mobile Phone Festive Privacy Snafu
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI training This article has been indexed from www.infosecurity-magazine.com Read the original article: Italy’s Data Protection Watchdog Issues €15m Fine to…
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Admins Tease a New Ransomware Version
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks This article has been indexed from www.infosecurity-magazine.com Read the original article: Webcams and DVRs…
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Encrypted Messaging After Salt Typhoon Hack
Ransomware Attackers Target Industries with Low Downtime Tolerance
A Dragos report observed 23 new ransomware groups targeting industrial organizations in Q3 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attackers Target Industries with Low Downtime Tolerance
US Organizations Still Using Kaspersky Products Despite Ban
Bitsight found that 40% of US organizations who used Kaspersky products before the government ban came into effect still appear to be using them This article has been indexed from www.infosecurity-magazine.com Read the original article: US Organizations Still Using Kaspersky…
EU Opens Door for AI Training Using Personal Data
The EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Opens Door for AI Training Using Personal Data