Tag: www.infosecurity-magazine.com

A novel skimming attack has been observed by Jscramber, using the Stripe API to steal payment information by injecting malicious scripts into pages This article has been indexed from www.infosecurity-magazine.com Read the original article: Stripe API Skimming Campaign Unveils New…

Read more →

A cyber threat actor has claimed to have leaked 144GB of data from Royal Mail users This article has been indexed from www.infosecurity-magazine.com Read the original article: Royal Mail Investigates Data Breach Affecting Supplier

Read more →

Gray bots surge as generative AI scraper activity increases, impacting web applications with millions of requests daily This article has been indexed from www.infosecurity-magazine.com Read the original article: Gray Bots Surge as Generative AI Scraper Activity Increases

Read more →

Hackers stole $1.67bn of cryptocurrencies in the first quarter of 2025, a 303% increase This article has been indexed from www.infosecurity-magazine.com Read the original article: Bybit Heist Fuels Record Crypto-Theft Surge, Says CertiK

Read more →

Google has found a significant increase in North Korean actors attempting to gain employment as IT workers in European companies, leading to data theft and extortion This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea’s Fake…

Read more →

Gaming community Steam appeared most often in phishing emails and texts detected by Guardio in Q1 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Steam Surges to Top of Most Spoofed Brands List in Q1

Read more →

The UK’s data protection regulator says it is overwhelmed with complaints from the public This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Apologizes After Data Protection Response Snafu

Read more →

The CERT-UA investigation concluded that the attack’s techniques were “characteristic of Russian intelligence services” This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Blames Russia for Railway Hack, Labels It “Act of Terrorism”

Read more →

WP Ultimate CSV Importer flaws expose 20,000 websites to attacks enabling attackers to achieve full site compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: WP Ultimate CSV Importer Flaws Expose 20,000 Websites to Attacks

Read more →

A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor This article has been indexed from www.infosecurity-magazine.com Read the original article: New Phishing Attack Combines Vishing and DLL Sideloading Techniques

Read more →

Google is set to roll out end-to-end encryption for all Gmail users, boosting security, compliance and data sovereignty efforts This article has been indexed from www.infosecurity-magazine.com Read the original article: Google to Switch on E2EE for All Gmail Users

Read more →

BlueVoyant found that the use of lookalike domains in email-based attacks is allowing actors to extend the types of individuals and organizations being targeted This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Expand Use of Lookalike…

Read more →

A thousand UK service providers will be expected to comply with the forthcoming Cyber Security and Resilience Bill This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Security and Resilience Bill Will Apply to 1000 UK Firms

Read more →

CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282 This article has been indexed from www.infosecurity-magazine.com Read the original article: New Malware Variant RESURGE Exploits Ivanti Vulnerability

Read more →

New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers

Read more →

The funding will go to several projects within the Digital Europe Programme (DIGITAL) work program for 2025 to 2027 This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Commission to Invest €1.3bn in Cybersecurity and AI

Read more →

The UK’s National Cyber Security Agency has called on Next.js users to patch CVE-2025-29927 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Urges Users to Patch Next.js Flaw Immediately

Read more →

The DoJ has managed to recoup over $8m from scammers, stolen in romance baiting schemes This article has been indexed from www.infosecurity-magazine.com Read the original article: US Seizes $8.2m from Romance Baiting Scammers

Read more →

Claroty revealed that 89% of healthcare organizations use the top 1% of riskiest Internet-of-Medical-Things (IoMT) devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Nine in Ten Healthcare Organizations Use the Most Vulnerable IoT Devices

Read more →

Forescout researchers found multiple vulnerabilities in leading solar power system manufacturers, which could be exploited to cause emergencies and blackouts This article has been indexed from www.infosecurity-magazine.com Read the original article: Solar Power System Vulnerabilities Could Result in Blackouts

Read more →

Expert speakers discussed the impact of reported cutbacks to CISA on the ability of local officials to protect against surging cyber-attacks on US election infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump CISA Cuts Threaten…

Read more →

A PhaaS platform, dubbed ‘Morphing Meerkat,’ uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel This article has been indexed from www.infosecurity-magazine.com Read the original article: Morphing Meerkat PhaaS Platform Spoofs 100+…

Read more →

Newly identified CoffeeLoader uses multiple evasion techniques and persistence mechanisms to deploy payloads and bypass endpoint security This article has been indexed from www.infosecurity-magazine.com Read the original article: CoffeeLoader Malware Loader Linked to SmokeLoader Operations

Read more →

PJobRAT malware targets Taiwan Android users, stealing data through fake messaging platforms This article has been indexed from www.infosecurity-magazine.com Read the original article: PJobRAT Malware Targets Users in Taiwan via Fake Apps

Read more →

The ICO’s Deputy Commissioner told Infosecurity that organizations that fail to implement MFA and suffer a breach can expect heavy penalties This article has been indexed from www.infosecurity-magazine.com Read the original article: No MFA? Expect Hefty Fines, UK’s ICO Warns

Read more →

Once considered inactive, the Chinese cyber espionage group FamousSparrow has reemerged, targeting organizations across the US, Mexico and Honduras This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US

Read more →

The UK’s National Crime Agency is warning of a growing cyber and physical threat from homegrown teens This article has been indexed from www.infosecurity-magazine.com Read the original article: NCA Warns of Sadistic Online “Com” Networks

Read more →

The UK’s National Cyber Security Centre has released new guidance to help domain registrars enhance security This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Urges Domain Registrars to Improve Security

Read more →

In its 2025 Global Third-Party Breach Report, SecurityScorecard has found that 35.5% of all cyber breaches in 2024 were third-party related, up from 29% in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: SecurityScorecard Observes Surge…

Read more →

Threat actors are exploiting cloud platforms like Adobe and Dropbox to evade email gateways and steal credentials This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Abuse Trust in Cloud Collaboration Platforms

Read more →

A newly discovered malware campaign uses malicious npm packages to deploy reverse shells, compromising development environments This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious npm Packages Deliver Sophisticated Reverse Shells

Read more →

Standards body ETSI has defined a scheme for key encapsulation mechanisms with access control (KEMAC), enabling quantum-secure encryption This article has been indexed from www.infosecurity-magazine.com Read the original article: ETSI Publishes New Quantum-Safe Encryption Standards

Read more →

EU security agency ENISA has released a new report outlining the threats and potential mitigations for the space sector This article has been indexed from www.infosecurity-magazine.com Read the original article: ENISA Probes Space Threat Landscape in New Report

Read more →

The UK government’s new fraud minister will today announce plans for a newly expanded fraud strategy This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats

Read more →

McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps This article has been indexed from www.infosecurity-magazine.com Read the original article: New Android Malware Uses .NET MAUI to…

Read more →

Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Use Atlantis AIO to Target 140+ Platforms

Read more →

NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Warns of Significant Limitations in AI/ML Security Mitigations

Read more →

Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years This article has been indexed from www.infosecurity-magazine.com Read the original article: China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration

Read more →

Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Mentions of Malicious AI Tools Spike 200%

Read more →

Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes This article has been indexed from www.infosecurity-magazine.com Read the original article: IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems

Read more →

VanHelsingRaaS, a new ransomware-as-a-service program, infected three victims within two weeks of release, demanding ransoms of $500,000 This article has been indexed from www.infosecurity-magazine.com Read the original article: VanHelsingRaaS Expands Rapidly in Cybercrime Market

Read more →

Ukraine’s national railway company has suffered a “large-scale” cyber-attack, disrupting online services and operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Railway Systems Hit by Targeted Cyber-Attack

Read more →

Authorities in seven African countries have arrested 306 suspects and seized 1842 devices in Operation Red Card This article has been indexed from www.infosecurity-magazine.com Read the original article: Authorities Seize 1842 Devices in Africa’s Cybercrime Crackdown

Read more →

Two years after a data breach that compromised almost seven million customers, 23andMe’s CEO has resigned as the company files for bankruptcy This article has been indexed from www.infosecurity-magazine.com Read the original article: California AG Reminds 23andMe Customers of Data…

Read more →

The UK’s National Crime Agency has launched a new campaign designed to raise awareness of sextortion among teenage boys This article has been indexed from www.infosecurity-magazine.com Read the original article: Teen Boys at Risk of Sextortion as 74% Lack Basic…

Read more →

Threat actors are looking to compromise Google accounts to further malvertising and data theft This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Account Hijackers Target Victims Via Semrush Ads

Read more →

Trend Micro observed a continuous development of Albabat ransomware, designed to expand attacks and streamline operations This article has been indexed from www.infosecurity-magazine.com Read the original article: Albabat Ransomware Evolves to Target Linux and macOS

Read more →

A security researcher has observed threat actors exploiting vulnerabilities in a driver used by CheckPoint’s ZoneAlarm antivirus to bypass Windows security measures This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybercriminals Exploit CheckPoint Antivirus Driver in Malicious…

Read more →

Attackers are exploiting user familiarity with CAPTCHAs to distribute the Lumma Stealer RAT via malicious PowerShell commands, according to HP This article has been indexed from www.infosecurity-magazine.com Read the original article: Attackers Use Fake CAPTCHAs to Deploy Lumma Stealer RAT

Read more →

The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: FishMonger APT Group Linked to I-SOON in Espionage Campaigns

Read more →

Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned This article has been indexed from www.infosecurity-magazine.com Read the original article: Rooted Devices 250 Times More Vulnerable to Compromise

Read more →

Bridewell has released its annual report on critical infrastructure security leaders’ perceived cybersecurity maturity and threats This article has been indexed from www.infosecurity-magazine.com Read the original article: UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

Read more →

February’s Operation Henhouse resulted in hundreds of arrests and the seizure of £7.5m This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Police Arrest 422 in Major Fraud Crackdown

Read more →

The Pennsylvania State Education Association (PSEA) has sent breach notifications to over 500,000 current and former members This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half a Million Hit by Pennsylvania Schools Union Breach

Read more →

New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035 This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Sets 2035 Deadline for Post-Quantum…

Read more →

Newly discovered vulnerability ZDI-CAN-25373 takes advantage of Windows shortcuts has been exploited by 11 state-sponsored groups since 2017 This article has been indexed from www.infosecurity-magazine.com Read the original article: Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

Read more →

A surge in browser-based phishing attacks has been recorded over the past year, with a 140% increase compared to 2023 according to Menlo Security This article has been indexed from www.infosecurity-magazine.com Read the original article: 752,000 Browser Phishing Attacks Mark…

Read more →

World-renowned physicist, Professor Brian Cox, will headline day one of Infosecurity Europe, analyzing the science behind quantum computing and the challenges it brings This article has been indexed from www.infosecurity-magazine.com Read the original article: Brian Cox to Discuss Quantum Computing’s…

Read more →

The US Cybersecurity and Infrastructure Security Agency added flaws in Fortinet and a popular GitHub Action to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: Fortinet Vulnerability Exploited in Ransomware Attack, CISA…

Read more →

Security firm Barracuda said it has detected more than a million phishing-as-a-service (PhaaS) attacks in 2025 This article has been indexed from www.infosecurity-magazine.com Read the original article: Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge

Read more →

Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Gartner Warns Agentic AI Will Accelerate Account Takeovers

Read more →

Europol’s annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies This article has been indexed from www.infosecurity-magazine.com Read the original article: Europol Warns of “Shadow Alliance” Between States and Criminals

Read more →

A Cato Networks researcher discovered a new LLM jailbreaking technique enabling the creation of password-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers

Read more →

Report reveals common password use in RDP attacks, highlighting weak credentials remain a major security flaw This article has been indexed from www.infosecurity-magazine.com Read the original article: New Report Highlights Common Passwords in RDP Attacks

Read more →

Google is set to acquire Wiz, a cloud security platform founded in 2020, for $32bn in an all-cash deal This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Buys Wiz in $32bn Cloud Security Push

Read more →

Leaked chat logs have exposed connections between the BlackBasta ransomware group and Russian authorities, according to new analysis by Trellix This article has been indexed from www.infosecurity-magazine.com Read the original article: BlackBasta Ransomware Ties to Russian Authorities Uncovered

Read more →

Flashpoint data points to a surge in data breaches fueled by compromised credentials, ransomware and exploits This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 16.8 Billion Records Exposed as Data Breaches Increase 6%

Read more →

Bitdefender said the malicious app campaign has resulted in more than 60 million downloads of malicious apps from the Google Play Store This article has been indexed from www.infosecurity-magazine.com Read the original article: Large-Scale Malicious App Campaign Bypassing Android Security

Read more →

Bitsight reveals that UK companies are more exposed to cyber risk than global peers via their digital supply chains This article has been indexed from www.infosecurity-magazine.com Read the original article: Third of UK Supply Chain Relies on “Chinese Military” Companies

Read more →

Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloudflare Introduces E2E Post-Quantum Cryptography Protections

Read more →

From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child abuse material This article has been indexed from www.infosecurity-magazine.com Read the original article: UK’s Online Safety Act: Ofcom Can Now…

Read more →

DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the notorious threat actor This article has been indexed from www.infosecurity-magazine.com Read the original article: Researchers Confirm BlackLock as Eldorado Rebrand

Read more →

A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public This article has been indexed from www.infosecurity-magazine.com Read the original article: US Legislators Demand Transparency in Apple’s UK…

Read more →

Action Fraud reported a spike in social media and email account hacks in 2024, resulting in losses of nearly £1m This article has been indexed from www.infosecurity-magazine.com Read the original article: £1M Lost as UK Social Media and Email Account…

Read more →

Common Good Cyber has released a new mapping database designed to help NGOs find the security tools they need This article has been indexed from www.infosecurity-magazine.com Read the original article: Security Database Aims to Empower Non-Profits

Read more →

Researchers warn that popular open source software package tj-actions has been compromised This article has been indexed from www.infosecurity-magazine.com Read the original article: Tj-actions Supply Chain Attack Exposes 23,000 Organizations

Read more →

US authorities have extradited Rostislav Panev on charges of being a developer of the notorious LockBit ransomware This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Ransomware Developer Extradited to US

Read more →

Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraudsters Impersonate Clop Ransomware to Extort Businesses

Read more →

Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13 This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director

Read more →

Volt Typhoon’s ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid This article has been indexed from www.infosecurity-magazine.com Read the original article: Volt Typhoon Accessed US OT Network for Nearly a Year

Read more →

CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure

Read more →

Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware This article has been indexed from www.infosecurity-magazine.com Read the original article: ‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality

Read more →

Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Complexity Puts UK Cybersecurity…

Read more →

VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously This article has been indexed from www.infosecurity-magazine.com Read the original article: VC Investment in Cyber Startups Surges 35%

Read more →

The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data

Read more →

ISACA London Chapter members demand e-voting system investigation over security and privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA London Chapter’s E-Voting System Comes Under Scrutiny

Read more →

In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated This article has been indexed from www.infosecurity-magazine.com Read the original article: Trump Administration Shakes Up…

Read more →

iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users This article has been indexed from www.infosecurity-magazine.com Read the original article: iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability

Read more →

Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report This article has been indexed from www.infosecurity-magazine.com Read the original article: Machine Identities Outnumber Humans Increasing Risk Seven-Fold

Read more →

Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Hackers Implant Backdoor Malware on Juniper Routers

Read more →

Microsoft has fixed seven zero-days this Patch Tuesday, including one not currently being actively exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Patches a Whopping Seven Zero-Days in March

Read more →

The UK’s cybersecurity sector added thousands of workers and over £1bn in revenue in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cybersecurity Sector Revenue Grows 12% to Top £13bn

Read more →

Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Blind Eagle Targets Colombian Government with Malicious .url Files

Read more →

New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals This article has been indexed from www.infosecurity-magazine.com Read the original article: New York Sues Allstate Over Data Breach and Security…

Read more →

Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year This article has been indexed from www.infosecurity-magazine.com Read the original article: 95% of Data Breaches Tied to Human Error in 2024

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges All Organizations to…

Read more →

More than 14,500 girls from across the UK took part in this year’s CyberFirst Girls competition This article has been indexed from www.infosecurity-magazine.com Read the original article: Record Number of Girls Compete in CyberFirst Contest

Read more →

Pro-Palestine Dark Storm Team group claims responsibility for major DDoS attacks on X This article has been indexed from www.infosecurity-magazine.com Read the original article: DDoS Blamed as X Suffers Multiple Outages

Read more →

SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: SIM Swapping Fraud Surges in the Middle East

Read more →

A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Surge in Malicious Software Packages Exploits System Flaws

Read more →