Tag: www.infosecurity-magazine.com

Northern Ireland Police Data Leak Sees Service Fined by ICO

The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: Northern Ireland Police Data…

FIN7 Gang Hides Malware in AI “Deepnude” Sites

Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: FIN7 Gang Hides Malware in AI “Deepnude” Sites

ACSC and CISA Launch Critical OT Cybersecurity Guidelines

The ACSC, in collaboration with CISA and international partners, has released a guide for securing operational technology in critical sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: ACSC and CISA Launch Critical OT Cybersecurity Guidelines

80% of Manufacturing Firms Have Critical Vulnerabilities

A Black Kite report found that 67% of manufacturing firms have at least one vulnerability from CISA’s Known Exploited Vulnerabilities (KEV) catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: 80% of Manufacturing Firms Have Critical Vulnerabilities

Meta Teams Up with Banks to Target Fraudsters

Meta has announced a new information-sharing partnership with UK financial institutions to target social media fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Teams Up with Banks to Target Fraudsters

Share of Women in UK Cyber Roles Now Just 17%

Socura finds the percentage of women in cybersecurity positions has fallen seven percentage points since 2021 to 17% This article has been indexed from www.infosecurity-magazine.com Read the original article: Share of Women in UK Cyber Roles Now Just 17%

British Hacker Charged in the US For $3.75m Insider Trading Scheme

UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: British Hacker Charged in the US For $3.75m Insider Trading…

T-Mobile to Pay $15.75m Penalty for Multiple Data Breaches

T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: T-Mobile to Pay…

Ten Million Brits Hit By Fraud in Just Three Years

New Santander research claims 10 million UK consumers have suffered fraud since 2021, costing the economy £16bn This article has been indexed from www.infosecurity-magazine.com Read the original article: Ten Million Brits Hit By Fraud in Just Three Years

Cyber-Attacks Hit Over a Third of English Schools

A survey by Ofqual found that 20% of English schools and colleges were unable to immediately recover after being hit by a cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber-Attacks Hit Over a Third…

PwC Urges Boards to Give CISOs a Seat at the Table

PwC claims fewer than 50% of businesses involve their CISOs in strategic planning on cyber This article has been indexed from www.infosecurity-magazine.com Read the original article: PwC Urges Boards to Give CISOs a Seat at the Table

UK and US Warn of Growing Iranian Spear Phishing Threat

Security agencies from the UK and US are urging individuals with Middle East links to beware of Iranian spear phishing attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK and US Warn of Growing Iranian Spear…

Man Arrested Over UK Railway Station Wi-Fi Hack

The suspect is an employee of Global Reach Technology, which provides some Wi-Fi services to Network Rail This article has been indexed from www.infosecurity-magazine.com Read the original article: Man Arrested Over UK Railway Station Wi-Fi Hack

Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Russian cyber-attacks on Ukrainian servicemen underscore the escalating use of digital warfare tactics in the ongoing conflict This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud

The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online This article has been indexed from www.infosecurity-magazine.com Read the original article: Data Breach at MC2 Data Leaves 100 Million at Risk of…

First Mobile Crypto Drainer Found on Google Play

Researchers discover mobile crypto drainer malware hidden in WalletConnect app garnering 10,000 downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: First Mobile Crypto Drainer Found on Google Play

82% of Phishing Sites Now Target Mobile Devices

82% of all phishing sites target mobile devices, with 76% using HTTPS to appear secure This article has been indexed from www.infosecurity-magazine.com Read the original article: 82% of Phishing Sites Now Target Mobile Devices

CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access

Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty software update This article has been indexed from www.infosecurity-magazine.com Read the original article: CrowdStrike Apologizes for IT Outage, Defends Microsoft…

Threat Actors Shift to JavaScript-Based Phishing Attacks

Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actors Shift to JavaScript-Based Phishing Attacks

US Mulls Ban on Russian, Chinese Parts in Connected Vehicles

The US Commerce Department wants to prohibit the sale or import of connected vehicles with Russian or Chinese-made hardware and software This article has been indexed from www.infosecurity-magazine.com Read the original article: US Mulls Ban on Russian, Chinese Parts in…

Telegram Boss Agrees to Closer Police Cooperation

Pavel Durov says he will share details of “bad actors” and clean up Telegram’s search function This article has been indexed from www.infosecurity-magazine.com Read the original article: Telegram Boss Agrees to Closer Police Cooperation

Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Kryptina, a free Ransomware-as-a-Service tool available on dark web forums, is now being used by Mallox ransomware affiliates This article has been indexed from www.infosecurity-magazine.com Read the original article: Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Vulnerabilities Found in Popular Houzez Theme and Plugin

The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users This article has been indexed from www.infosecurity-magazine.com Read the original article: Vulnerabilities Found in Popular Houzez Theme and Plugin

LinkedIn Pauses GenAI Training Following ICO Concerns

The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: LinkedIn Pauses GenAI Training Following ICO Concerns

German Police Shutter 47 Criminal Crypto Exchanges

Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime This article has been indexed from www.infosecurity-magazine.com Read the original article: German Police Shutter 47 Criminal Crypto Exchanges

Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable

A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Skills Gap…

Western Agencies Warn Risk from Chinese-Controlled Botnet

Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group This article has been indexed from www.infosecurity-magazine.com Read the original article: Western Agencies Warn Risk from Chinese-Controlled…

Cryptojacking Gang TeamTNT Makes a Comeback

Group-IB claims to have found evidence of a new TeamTNT cryptojacking campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Cryptojacking Gang TeamTNT Makes a Comeback

Insecure APIs and Bot Attacks Cost Global Firms $186bn

Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually This article has been indexed from www.infosecurity-magazine.com Read the original article: Insecure APIs and Bot Attacks Cost Global Firms $186bn

Google Street View Images Used For Extortion Scams

Attackers use Google Street View images to put pressure on victims of “sextortion” scams This article has been indexed from www.infosecurity-magazine.com Read the original article: Google Street View Images Used For Extortion Scams

CISA Issues Advice to Help Eliminate XSS Bugs

The US Cybersecurity and Infrastructure Security Agency is trying to eradicate cross-site scripting vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Issues Advice to Help Eliminate XSS Bugs

US Looks to Align Security Across Government

CISA project will align cybersecurity polices across the Federal Civilian Executive Branch of US government This article has been indexed from www.infosecurity-magazine.com Read the original article: US Looks to Align Security Across Government

ICO Acts Against Sky Betting and Gaming Over Cookies

Online gambling site, Sky Betting and Gaming, found to have “unlawfully” processed data through advertising cookies This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Acts Against Sky Betting and Gaming Over Cookies

Singapore Launches Accelerator for International Cybersecurity Startups

The CyberBoost: Catalyse is supported by the Cyber Security Agency of Singapore, the National University of Singapore and UK-based innovation hub Plexal This article has been indexed from www.infosecurity-magazine.com Read the original article: Singapore Launches Accelerator for International Cybersecurity Startups

US Ramps Up Sanctions on Spyware-Maker Intellexa

The US Treasury has issued more sanctions against directors of notorious spyware developer Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: US Ramps Up Sanctions on Spyware-Maker Intellexa

Over Half of Breached UK Firms Pay Ransom

Cohesity claims ransomware attacks are on the rise in the UK, with 59% of breached firms paying their extortionists This article has been indexed from www.infosecurity-magazine.com Read the original article: Over Half of Breached UK Firms Pay Ransom

Half of UK Firms Lack Basic Cybersecurity Skills

A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration testing and incident management are even more scarce This article has been indexed from www.infosecurity-magazine.com Read the original article: Half…

Advanced Phishing Attacks Put X Accounts at Risk

SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter) This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced Phishing Attacks Put X Accounts at Risk

Apple to Drop Spyware Lawsuit Over Security Concerns

Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could be revealed to other spyware vendors This article has been indexed from www.infosecurity-magazine.com Read the original article: Apple to Drop…

Meta Goes Ahead With Controversial AI Training in UK

Meta has unpaused a project to train AI on Facebook and Instagram posts, despite privacy concerns This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Goes Ahead With Controversial AI Training in UK

23andMe Agrees to $30m Data Breach Settlement

Under-fire DNA testing firm 23andMe will pay $30m to settle class action lawsuit This article has been indexed from www.infosecurity-magazine.com Read the original article: 23andMe Agrees to $30m Data Breach Settlement

UK Hosts International Cyber Skills Conference

Nations participating in the event include the US, Canada, EU countries, India, Japan, Singapore, Ghana and Oman This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Hosts International Cyber Skills Conference

Record $65m Settlement for Hacked Patient Photos

Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet This article has been indexed from www.infosecurity-magazine.com Read the original article: Record $65m Settlement for Hacked Patient…

Microsoft Vows to Prevent Future CrowdStrike-Like Outages

Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Vows to Prevent Future CrowdStrike-Like Outages

Irish Data Protection Regulator to Investigate Google AI

Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training This article has been indexed from www.infosecurity-magazine.com Read the original article: Irish Data Protection Regulator to Investigate Google AI

TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people This article has been indexed from www.infosecurity-magazine.com Read the original article: TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested

Schools Face Million-Dollar Bills as Ransomware Rises

Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs This article has been indexed from www.infosecurity-magazine.com Read the original article: Schools Face Million-Dollar Bills as Ransomware Rises

Lazarus Group Targets Developers in Fresh VMConnect Campaign

Lazarus Group has been observed impersonating Capital One staff to lure developers into downloading malware on open source repositories This article has been indexed from www.infosecurity-magazine.com Read the original article: Lazarus Group Targets Developers in Fresh VMConnect Campaign

Operational Technology Leaves Itself Open to Cyber-Attack

Excessive use of remote access tools is leaving operational technology devices vulnerable, with even basic security features missing This article has been indexed from www.infosecurity-magazine.com Read the original article: Operational Technology Leaves Itself Open to Cyber-Attack

Gallup: Pollster Acts to Close Down Security Threat

As the US presidential election draws near, polling company Gallup acts to block XSS vulnerability This article has been indexed from www.infosecurity-magazine.com Read the original article: Gallup: Pollster Acts to Close Down Security Threat

Crypto Scams Reach New Heights, FBI Reports $5.6bn in Losses

The Federal Bureau of Investigation’s Internet Crime Complaint Center (IC3) reported a 45% increase in cryptocurrency-related scams in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto Scams Reach New Heights, FBI Reports $5.6bn in Losses

Poland’s Supreme Court Blocks Pegasus Spyware Probe

The Polish Supreme Court has ruled that a parliamentary commission investigating the previous government’s use of the Pegasus spyware was unconstitutional This article has been indexed from www.infosecurity-magazine.com Read the original article: Poland’s Supreme Court Blocks Pegasus Spyware Probe

Microsoft Fixes Four Actively Exploited Zero-Days

September’s Patch Tuesday fix-list features scores of CVEs including four zero-day vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Four Actively Exploited Zero-Days

DoJ Distributes $18.5m to Western Union Fraud Victims

The Justice Department has begun the latest round of fraud reimbursement from the Western Union Remission Fund This article has been indexed from www.infosecurity-magazine.com Read the original article: DoJ Distributes $18.5m to Western Union Fraud Victims