Tag: www.infosecurity-magazine.com

Proofpoint said TA4903 adopted new tactics, including lure themes referencing confidential docs and ACH payments This article has been indexed from www.infosecurity-magazine.com Read the original article: TA4903 Phishing Campaigns Evolve, Target US Government

Read more →

Cado said the payloads facilitated RCE attacks by leveraging common misconfigurations and known vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Linux Malware Targets Docker, Apache Hadoop, Redis and Confluence

Read more →

The EU has agreed new rules to strengthen cyber incident response and recovery across member states, encompassing closer cooperation mechanisms This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Agrees ‘Cyber Solidarity Act’ to Bolster Incident Response…

Read more →

The UK’s Chartered Institute of Information Security warns that many professionals are prepared to moonlight for cybercrime groups This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Pros Turn to Cybercrime as Salaries Stagnate

Read more →

A new threat actor has been observed by Zscaler distributing remote access Trojans (RATs) via online meeting lures This article has been indexed from www.infosecurity-magazine.com Read the original article: Skype, Google Meet, and Zoom Used in New Trojan Scam Campaign

Read more →

The US Treasury has designated individuals and entities associated with Predator spyware developer, Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Predator Spyware Maker Intellexa

Read more →

The US Treasury has designated individuals and entities associated with Predator spyware developer, Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Sanctions Predator Spyware-Maker Intellexa

Read more →

Cisco Talos uncovered two new tools developed by the group: the “GhostSec Deep Scan tool” and “GhostPresser” This article has been indexed from www.infosecurity-magazine.com Read the original article: GhostSec Evolves With Website Compromise Tools

Read more →

With a claimed 80% efficiency, the new AI detection tool will be used to inform the police during criminal investigations This article has been indexed from www.infosecurity-magazine.com Read the original article: South Korean Police Develops Deepfake Detection Tool Ahead of…

Read more →

Speculations about the shut down range from a potential exit scam to a rebranding initiative This article has been indexed from www.infosecurity-magazine.com Read the original article: ALPHV/BlackCat Ransomware Servers Go Down

Read more →

American Express has informed customers that their credit card details may have been compromised following a breach of a third-party merchant processor This article has been indexed from www.infosecurity-magazine.com Read the original article: American Express Warns Credit Card Data Exposed…

Read more →

Ukraine’s military intelligence service says it hacked and stole sensitive documents from Russia’s Ministry of Defense This article has been indexed from www.infosecurity-magazine.com Read the original article: Ukraine Claims it Hacked Russian MoD

Read more →

JetBrains says on-premises TeamCity servers must be upgraded to mitigate two new bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: TeamCity Users Urged to Patch Critical Vulnerabilities

Read more →

The researchers developed a worm, dubbed “Morris II,” which targets generative AI ecosystems through the use of adversarial self-replicating prompts This article has been indexed from www.infosecurity-magazine.com Read the original article: Self-Propagating Worm Created to Target Generative AI Systems

Read more →

Sekoia.io observed developments in the group’s DDoS tools, including updates enhancing compatibility with different processor architectures and OS This article has been indexed from www.infosecurity-magazine.com Read the original article: Hacktivist Collective NoName057 Strikes European Targets

Read more →

Proofpoint warned the method could be used for data gathering and further malicious activities This article has been indexed from www.infosecurity-magazine.com Read the original article: TA577 Exploits NTLM Authentication Vulnerability

Read more →

Despite being exposed to human rights violations, the Predator spyware continues to be used across the world – including in new countries This article has been indexed from www.infosecurity-magazine.com Read the original article: Predator Spyware Targeted Mobile Phones in New…

Read more →

UK’s National Cyber Security Centre warns of dangers of insecure perimeter products This article has been indexed from www.infosecurity-magazine.com Read the original article: Securing Perimeter Products Must Be a Priority, Says NCSC

Read more →

German police have dismantled the country’s largest underground marketplace: Crimemarket This article has been indexed from www.infosecurity-magazine.com Read the original article: Drugs and Cybercrime Market Busted By German Cops

Read more →

President Biden warned that connected vehicles built in China could be used to steal sensitive data of US citizens and critical infrastructure This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Warns Chinese Cars Could Steal US…

Read more →

Government agencies from the Five Eyes coalition said that Ivanti’s own tools are not sufficient to detect compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient

Read more →

The Home Office failed to assess the privacy intrusion of the continuous collection of migrants’ location information in breach of UK data protection law, according to the ICO This article has been indexed from www.infosecurity-magazine.com Read the original article: UK…

Read more →

The breach was discovered on February 21 2024, according to an SEC filing published on the same day This article has been indexed from www.infosecurity-magazine.com Read the original article: Pharma Giant Cencora Reports Cybersecurity Breach

Read more →

Infoblox said Savvy Seahorse uses fake ChatGPT and WhatsApp bots to lure victims This article has been indexed from www.infosecurity-magazine.com Read the original article: Savvy Seahorse Targets Investment Platforms With DNS Scams

Read more →

Chainalysis study of crypto flows reveals darknet markets made $1.7bn in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Dark Web Market Revenues Rebound but Sector Fragments

Read more →

The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare This article has been indexed from www.infosecurity-magazine.com Read the original article: US Government Warns Healthcare is Biggest Target for BlackCat Affiliates

Read more →

The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found This article has been indexed from www.infosecurity-magazine.com Read the original article: TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

Read more →

A new presidential executive order attempts to prevent the mass sales of personal data to countries like China and Russia This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Bans Mass Sale of Data to Hostile Nations

Read more →

The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools This article has been indexed from www.infosecurity-magazine.com Read the original article: FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers

Read more →

Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: 34 Million Roblox Credentials Exposed on Dark Web in Three Years

Read more →

The UK government provided a preview of its future Cybersecurity Governance Code of Practice, which aims to be the go-to cyber guideline for UK business leaders This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Unveils Draft…

Read more →

UK Information Commissioner John Edwards explains how the ICO is working to provide clarity around the lawful use of AI This article has been indexed from www.infosecurity-magazine.com Read the original article: UK ICO Vows to Safeguard Privacy in AI Era,…

Read more →

ISACA’s Rob Clyde and Pam Nigro discuss how to advance digital trust in a security context This article has been indexed from www.infosecurity-magazine.com Read the original article: How Security Leaders Can Break Down Barriers to Enable Digital Trust

Read more →

Cifas claims that most business decision makers are worried about fraudsters targeting employees This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of UK Firms Concerned About Insider Threats

Read more →

Group-IB research warns of rising use of zero-day threats in targeted attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Ads for Zero-Day Exploit Sales Surge 70% Annually

Read more →

Ransomware and destabilization attacks rose in 2023, yet France’s National Cybersecurity Agency is most concerned about a diversification of cyber espionage campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Industrial Cyber Espionage France’s Top Threat Ahead…

Read more →

NIST has made further tweaks to Version 2.0 of its Cybersecurity Framework following feedback from the cybersecurity community This article has been indexed from www.infosecurity-magazine.com Read the original article: NIST Releases Final Version of Cybersecurity Framework 2.0

Read more →

The flaw, discovered by Patchstack, stems from a lack of input sanitization and output escaping in the plugin’s code This article has been indexed from www.infosecurity-magazine.com Read the original article: Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw

Read more →

The Viakoo study also said 50% firms faced IoT cyber incidents in past year, 44% of which were severe This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of IT Leaders Identify IoT as Security Weak Point

Read more →

Synopsys report reveals 74% of codebases now contain risky open source components This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Commercial Code Contains High-Risk Open Source Bugs

Read more →

Proofpoint found that 69% of organizations experienced a successful ransomware incident in the past year, with 60% hit on four or more occasions This article has been indexed from www.infosecurity-magazine.com Read the original article: 69% of Organizations Infected by Ransomware…

Read more →

Imperva finds attacks targeting API business logic increased to 27% in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Business Logic Abuse Dominates as API Attacks Surge

Read more →

A new White House report has urged software and hardware developers to adopt memory safe programming languages, and eliminate one of the most pervasive classes of bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: White House…

Read more →

Known as Midnight Blizzard, the Dukes or Cozy Bear, the group has been identified as a Russian entity likely operating under the SVR This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Alert on APT29’s Cloud…

Read more →

Kaspersky said that in 2023, the number of mobile attacks soared to nearly 33.8 million This article has been indexed from www.infosecurity-magazine.com Read the original article: Expert Warns of Growing Android Malware Activity

Read more →

What businesses should know about Operation Cronos and LockBit, one of the largest ransomware takedowns in history This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Takedown: What You Need to Know about Operation Cronos

Read more →

The FTC order found that Avast sold browsing data to advertisers that could reveal highly sensitive insights about users, misleading them about privacy protections in the process This article has been indexed from www.infosecurity-magazine.com Read the original article: Avast Faces…

Read more →

The UK’s National Cyber Security Centre is preparing a new cyber governance training pack for boards This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC to Offer Cyber Governance Guidance to Boards

Read more →

Moving giant U-Haul has revealed that 67,000 customers were caught in a data breach last year This article has been indexed from www.infosecurity-magazine.com Read the original article: U-Haul Informs Customers of Major Data Breach

Read more →

Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp This article has been indexed from www.infosecurity-magazine.com Read the original article: Operation Cronos: Who Are the LockBit Admins

Read more →

The UK’s ICO has ruled Serco Leisure’s use facial recognition technology and fingerprint scanning to monitor employee attendance is in breach of data protection law This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Bans Serco Leisure’s…

Read more →

Cybereason found that 78% of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor This article has been indexed from www.infosecurity-magazine.com Read the original article: 78% of Organizations Suffer Repeat…

Read more →

Kaspersky explained the fraudulent emails prompted recipients to enable two-factor authentication This article has been indexed from www.infosecurity-magazine.com Read the original article: SMBs at Risk From SendGrid-Focused Phishing Tactics

Read more →

The incident has impacted numerous Change Healthcare applications, including pharmacy, medical records This article has been indexed from www.infosecurity-magazine.com Read the original article: Change Healthcare Cyber-Attack Leads to Prescription Delays

Read more →

SentinelLabs and ClearSky said the group leverage a substantial network of social media accounts This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian-Aligned Network Doppelgänger Targets German Elections

Read more →

The OWASP Foundation provides new guidelines to deploy secure-by-design LLM use cases This article has been indexed from www.infosecurity-magazine.com Read the original article: OWASP Releases Security Checklist Generative AI Deployment

Read more →

ISC2 found that 82% of cybersecurity professionals believe AI will improve the efficiency of their jobs This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Pros Embrace AI, Over 80% Believe It Will Enhance Jobs

Read more →

Two Maryland residents have been convicted of a multimillion-dollar fraud scheme against Apple This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese Duo Found Guilty of $3m Apple Fraud Plot

Read more →

Researchers warn of a “ransomware free-for-all” after ScreenConnect vulnerability is exploited This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited

Read more →

Kaspersky’s recent report said the shortage is particularly acute in Europe, Russia and Latin America This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 40% of Firms Struggle With Cybersecurity Talent Shortage

Read more →

The White House Executive Order will give new powers to the US Coast Guard to manage cyber threats in ports and issue cybersecurity standards This article has been indexed from www.infosecurity-magazine.com Read the original article: Biden Executive Order to Bolster…

Read more →

Since emerging in May 2023, the group claims to have victimized 77 companies and public institutions This article has been indexed from www.infosecurity-magazine.com Read the original article: Exclusive: eSentire Confirms Rhysida Ransomware Victims

Read more →

Compromising valid identities became the top initial access vector in 2023 while phishing dropped to second place, IBM found in a new report This article has been indexed from www.infosecurity-magazine.com Read the original article: IBM: Identity Compromises Surge as Top…

Read more →

ESET researchers reveal a Russian threat actor has targeted Ukrainian citizens with PYSOPs messages warning of impacts such as food and medicine shortages from the war This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Launch…

Read more →

The UK’s National Cyber Security Centre has produced new guidance for smaller firms on PBX attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Sounds Alarm Over Private Branch Exchange Attacks

Read more →

It now takes threat actors on average just 62 minutes to move laterally from initial access, Crowdstrike claims This article has been indexed from www.infosecurity-magazine.com Read the original article: Attacker Breakout Time Falls to Just One Hour

Read more →

ReversingLabs uncovered two suspicious packages on PyPI: NP6HelperHttptest and NP6HelperHttper This article has been indexed from www.infosecurity-magazine.com Read the original article: New Typosquatting and Repojacking Tactics Uncovered on PyPI

Read more →

Cado Security said this campaign introduces unique techniques to compromise the security of Redis servers This article has been indexed from www.infosecurity-magazine.com Read the original article: Linux Malware Campaign “Migo” Targets Redis For Cryptomining

Read more →

What businesses should know about Operation Cronos and LockBit, one of the largest ransomware takedowns in history This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Ransomware Takedown: What You Need to Know about Operation Cronos

Read more →

The attack, which has been claimed by Anonymous Sudan, has been confirmed to have impacted IT services at the universities of Cambridge and Manchester This article has been indexed from www.infosecurity-magazine.com Read the original article: Top UK Universities Recovering Following…

Read more →

Arctic Wolf found that the median ransomware demand was $600,000 in 2023, a 20% rise on the previous year This article has been indexed from www.infosecurity-magazine.com Read the original article: Initial Ransomware Demands Jump 20% to $600,000 in 2023

Read more →

UK’s National Crime Agency has led an international operation to disrupt the LockBit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: LockBit Infrastructure Disrupted by Global Law Enforcers

Read more →

A former employee at Stratford-on-Avon District Council stole residents’ emails to promote his business This article has been indexed from www.infosecurity-magazine.com Read the original article: Insider Steals 80,000 Email Addresses From District Councils

Read more →

UK’s National Crime Agency has led an international operation to disrupt the Lockbit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: Lockbit Infrastructure Disrupted by Global Law Enforcers

Read more →

ThreatFabric said the campaign has evolved since last year, employing sophisticated methods and mainly targeting Samsung devices This article has been indexed from www.infosecurity-magazine.com Read the original article: Anatsa Banking Trojan Resurfaces, Targets European Banks

Read more →

Resecurity said bad actors exploited geopolitical narratives, spreading misinformation This article has been indexed from www.infosecurity-magazine.com Read the original article: Fake Tokens Exploit BRICS Investment Hype

Read more →

TikTok is suspected of breaching the EU’s Digital Services Act requirements on transparency, privacy and obligations to protect minors This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Launches Investigation Into TikTok Over Child Protection and Privacy…

Read more →

The US DoJ said that the Ukrainian national has pleaded guilty to leading the Zeus and IcedID malware campaigns, which resulted in losses of tens of millions of dollars This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

Hackers have attempted to divert two commercial Israeli aircraft in recent days, reports claim This article has been indexed from www.infosecurity-magazine.com Read the original article: Israeli Aircraft Survive “Cyber-Hijacking” Attempts

Read more →

A new National Crime Agency study reveals 20% of 10- to 16-year-olds have violated the Computer Misuse Act This article has been indexed from www.infosecurity-magazine.com Read the original article: Fifth of British Kids Have Broken the Law Online

Read more →

After discovering a new vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways, Ivanti is under fire for poor security practices This article has been indexed from www.infosecurity-magazine.com Read the original article: New Ivanti Vulnerability Observed as Widespread Security…

Read more →

Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found This article has been indexed from www.infosecurity-magazine.com Read the original article: Hackers Exploit EU Agenda in Spear Phishing Campaigns

Read more →

Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report This article has been indexed from www.infosecurity-magazine.com Read the original article: PDF…

Read more →

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Warns Unfair AI Rules Could Empower Hackers, Harming Defense

Read more →

A new Fortinet analysis revealed a plethora of final-stage payloads delivered by a series of malware droppers This article has been indexed from www.infosecurity-magazine.com Read the original article: “TicTacToe Dropper” Malware Distribution Tactics Revealed

Read more →

The breach exposed administrative and user data from specific IT systems, but there is no evidence of customer or client data compromise This article has been indexed from www.infosecurity-magazine.com Read the original article: Prudential Financial Faces Cybersecurity Breach

Read more →

Chainalysis data reveals a near-30% fall in the value of digital currency being laundered in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto-Money Laundering Records 30% Annual Decline

Read more →

Microsoft and OpenAI found that nation-state groups are using generative AI tools to support cyber campaigns rather than developing novel attack techniques This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft, OpenAI Confirm Nation-States are Weaponizing Generative…

Read more →

Group-IB warns of new Trojan GoldPickaxe designed to bypass banking facial recognition with deepfakes This article has been indexed from www.infosecurity-magazine.com Read the original article: GoldPickaxe Trojan Blends Biometrics Theft and Deepfakes to Scam Banks

Read more →

CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe This article has been indexed from www.infosecurity-magazine.com Read the original article: Water Hydra’s Zero-Day Attack Chain Targets Financial Traders

Read more →

Menlo Security’s latest report also revealed a 26% surge in security policies tailored for generative AI sites This article has been indexed from www.infosecurity-magazine.com Read the original article: PII Input Sparks Cybersecurity Alarm in 55% of DLP Events

Read more →

Iran-aligned adversaries have attempted to use cyber tactics to sway public opinion of the Israel-Hamas war, Google found in a new report This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Hackers Target Israel and US to…

Read more →

JumpCloud found that 41% of SME IT professionals expect cybersecurity spending to be cut in their organization, increasing the risk of cyber-attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Spending Expected to be Slashed in…

Read more →

Two zero-day bugs actively exploited in the wild now have official Microsoft patches This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Two Zero-Days in February Patch Tuesday

Read more →

Mozilla warns of serious security and privacy concerns over romantic chatbots downloaded by 100 million users This article has been indexed from www.infosecurity-magazine.com Read the original article: Romantic AI Chatbots Fail the Security and Privacy Test

Read more →

UK utilities firm Southern Water has informed 5-10% of its customer base that their personal data has been accessed following a ransomware attack in January This article has been indexed from www.infosecurity-magazine.com Read the original article: Southern Water Notifies Customers…

Read more →

A notification letter sent to the Attorney General of Maine showed 57,028 individuals were impacted This article has been indexed from www.infosecurity-magazine.com Read the original article: Bank of America Customers at Risk After Data Breach

Read more →

These will focus on countering APTs, fortifying critical infrastructure and anticipating emerging risks This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Reveals JCDC’s 2024 Cybersecurity Priorities

Read more →

Threat intelligence provider Tidal Cyber found that 64 countries holding elections in 2024 could face cyber interference threats This article has been indexed from www.infosecurity-magazine.com Read the original article: US, UK and India Among the Countries Most At Risk of…

Read more →

Proofpoint researchers observed a new Bumblebee social engineering campaign in February following a four-month absence This article has been indexed from www.infosecurity-magazine.com Read the original article: Notorious Bumblebee Malware Re-emerges with New Attack Methods

Read more →