Tag: www.infosecurity-magazine.com

A threat actor claimed to get hold of an exposed GitLab configuration file containing Zendesk API access tokens This article has been indexed from www.infosecurity-magazine.com Read the original article: Stolen Access Tokens Lead to New Internet Archive Breach

Read more →

The August ransomware attack stole 50,000+ documents from Nidec, leaked after ransom refusal This article has been indexed from www.infosecurity-magazine.com Read the original article: 50,000 Files Exposed in Nidec Ransomware Attack

Read more →

The malware loader taken down by Europol in May 2024 could be back with a vengeance This article has been indexed from www.infosecurity-magazine.com Read the original article: Netskope Reports Possible Bumblebee Loader Resurgence

Read more →

Businesses in Australia must update their privacy policies with clear and transparent information about their use of AI, said the regulator This article has been indexed from www.infosecurity-magazine.com Read the original article: Australia’s Privacy Watchdog Publishes Guidance on Commercial AI…

Read more →

Long-lived credentials in the cloud put organizations at high risk of breaches, a report from Datadog has found This article has been indexed from www.infosecurity-magazine.com Read the original article: Half of Organizations Have Unmanaged Long-Lived Cloud Credentials

Read more →

Internet Archive founder confirmed the allegedly exposed data was “safe” This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive and Wayback Machine Resurrect After DDoS Wave

Read more →

Microsoft urges macOS users to apply a fix for the vulnerability, which it believes may be under active exploitation by the Adload malware family This article has been indexed from www.infosecurity-magazine.com Read the original article: macOS Vulnerability Could Expose User…

Read more →

Instagram has announced new security features to protect users from sextortion scams, including hiding follower lists, preventing screenshots, and launching an awareness campaign This article has been indexed from www.infosecurity-magazine.com Read the original article: Instagram Rolls Out New Sextortion Protection…

Read more →

The Redmond-based firm was the most impersonated brand in the third quarter of 2024, while Alibaba entered the Top 10 for the first time This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Named Most Imitated Brand…

Read more →

US authorities have charged a man for involvement in the SEC X account hack in January 2024, which falsely announced the approval of Bitcoin Exchange Traded Funds This article has been indexed from www.infosecurity-magazine.com Read the original article: US Arrest…

Read more →

Cicada3301 ransomware has targeted critical sectors in US/UK, leaking data from 30 firms in three months This article has been indexed from www.infosecurity-magazine.com Read the original article: Cicada3301 Ransomware Targets Critical Sectors in US and UK

Read more →

US authorities have charged two Sudanese linked to DDoS cybercrime group, Anonymous Sudan, which caused $10m in damages This article has been indexed from www.infosecurity-magazine.com Read the original article: US Charges Anonymous Sudan Members in DDoS Cybercrime Case

Read more →

The ongoing campaign targets multiple critical infrastructure sectors, including healthcare, government, information technology, engineering, and energy This article has been indexed from www.infosecurity-magazine.com Read the original article: Iranian Hackers Target Critical Infrastructure with Brute Force Attacks

Read more →

Secureworks said it had observed a case where a fake North Korean IT contractor exfiltrated proprietary data before issuing a ransom demand to their former employer This article has been indexed from www.infosecurity-magazine.com Read the original article: North Korea Escalates…

Read more →

Symantec data reveals RansomHub claimed more attacks than any other group in Q3 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: RansomHub Overtakes LockBit as Most Prolific Ransomware Group

Read more →

Netskope claims 66% of malware attacks last year were backed by nation states This article has been indexed from www.infosecurity-magazine.com Read the original article: Two-thirds of Attributable Malware Linked to Nation States

Read more →

CISA is asking for feedback on future guidance outlining bad security practices in product development as part of its Secure by Design initiative This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Seeks Feedback on Upcoming Product…

Read more →

NIS2 will be enforced as of October 17, yet many organizations and even EU member states appear completely unprepared for implementation This article has been indexed from www.infosecurity-magazine.com Read the original article: NIS2 Confusion: Concerns Over Readiness as Deadline Reached

Read more →

CISA released the third edition of SBOM guidelines to enhance software component transparency This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Improvements in US Software Supply Chain Transparency

Read more →

A new Bugcrowd study shows 71% of ethical hackers now see AI boosting hacking value, up from 21% in 2023 This article has been indexed from www.infosecurity-magazine.com Read the original article: Ethical Hackers Embrace AI Tools Amid Rising Cyber Threats

Read more →

A surge in phishing emails claiming to be from Starbucks is offering recipients a “free Coffee Lovers Box” in an attempt to steal personal or install malware on devices This article has been indexed from www.infosecurity-magazine.com Read the original article:…

Read more →

New NCSC CEO Dr Richard Horne warned in a speech that there is a widening gap between escalating threats and society’s ability to defend against them This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Threats Escalating…

Read more →

The new set of specifications could enable users to securely move passkeys and all other credentials across providers This article has been indexed from www.infosecurity-magazine.com Read the original article: FIDO Alliance Proposes New Passkey Exchange Standard

Read more →

DigiCert says imminent crypto threat from quantum computing has been over-hyped This article has been indexed from www.infosecurity-magazine.com Read the original article: Experts Play Down Significance of Chinese Quantum “Hack”

Read more →

New government grants for AI safety research are designed to fund work into deepfakes and other cyber risks This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Launches AI Safety Scheme to Tackle Deepfakes

Read more →

Researchers have discovered a new cyber-attack method called ConfusedPilot that can manipulate AI-generated responses by injecting malicious content into documents referenced by AI systems This article has been indexed from www.infosecurity-magazine.com Read the original article: New ConfusedPilot Attack Targets AI…

Read more →

Cyber threats surge ahead of the 2024 election, including phishing, ransomware and Darknet activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Darknet Activity Increases Ahead of 2024 Presidential Vote

Read more →

The service, developed in collaboration with Cloudflare and Accenture, is available for UK schools and most education service providers This article has been indexed from www.infosecurity-magazine.com Read the original article: UK: NCSC Offers Education Organizations Free Cyber Services

Read more →

Most organizations are not prepared for the post-quantum threat, despite the recent publication of NIST’s first three finalized post-quantum encryption standards This article has been indexed from www.infosecurity-magazine.com Read the original article: Most Organizations Unprepared for Post-Quantum Threat

Read more →

Microsoft has observed nation states ramping up cooperation with cybercriminals to conduct operations in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft: Nation-States Team Up with Cybercriminals for Attacks

Read more →

The sophisticate campaign, ErrorFather, employs keylogging, virtual networks and a domain generation algorithm to target Android users This article has been indexed from www.infosecurity-magazine.com Read the original article: Cerberus Android Banking Trojan Deployed in New Multi-Stage Malicious Campaign

Read more →

Coalition’s new service aims to mitigate the impact of growing UK corporate fraud losses This article has been indexed from www.infosecurity-magazine.com Read the original article: Insurer Aims to “Clawback” BEC Losses After £1.4m Success

Read more →

Zscaler has found more than 200 malicious apps on Google Play with over eight million installs This article has been indexed from www.infosecurity-magazine.com Read the original article: Eight Million Users Install 200+ Malicious Apps from Google Play

Read more →

Online scammers are targeting Booking.com and Airbnb users with Telekopye, a Telegram-based toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: Telekopye Scammers Target Booking.com and Airbnb Users

Read more →

CISA urged organizations to tackle security risks from unencrypted cookies in F5 BIG-IP LTM systems This article has been indexed from www.infosecurity-magazine.com Read the original article: CISA Urges Encryption of Cookies in F5 BIG-IP Systems

Read more →

The US DoD has finalized the Cybersecurity Maturity Model Certification (CMMC) Program, which defense contractors must pass to bid for government contracts This article has been indexed from www.infosecurity-magazine.com Read the original article: US DoD Tightens Cybersecurity Standards for Defense…

Read more →

Personal data of over 2600 employees has been exposed and insider information about the Switch 2 and future Pokémon games leaked This article has been indexed from www.infosecurity-magazine.com Read the original article: Pokémon Developer Game Freak Suffers Data Breach

Read more →

Japanese electronics firm Casio has reported a ransomware attack and data breach This article has been indexed from www.infosecurity-magazine.com Read the original article: Casio Confirms Ransomware Outage and Data Breach

Read more →

Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs This article has been indexed from www.infosecurity-magazine.com Read the original article: Skills Shortages Now a Top-Two Security Risk for SMBs

Read more →

NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution This article has been indexed from www.infosecurity-magazine.com Read the original article: NHS England Warns of…

Read more →

Access Now announced that the US Customs and Border Protection agency released records on its app following the NGO’s lawsuit This article has been indexed from www.infosecurity-magazine.com Read the original article: US Border Agency Under Fire for App’s Handling of…

Read more →

Russian-backed APT29 has been spying on US and European organizations since at least 2021, a US-UK joint advisory said This article has been indexed from www.infosecurity-magazine.com Read the original article: Russia’s SVR Targets Zimbra, TeamCity Servers for Cyber Espionage

Read more →

A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket This article has been indexed from www.infosecurity-magazine.com Read the original article: Sonatype Reports 156%…

Read more →

Operation MiddleFloor targets Moldova’s October elections, spreading EU disinformation via email This article has been indexed from www.infosecurity-magazine.com Read the original article: Disinformation Campaign Targets Moldova Ahead of EU Referendum

Read more →

The data breach exposed more than 10m customer conversations from an AI call center platform in the Middle East This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 10m Conversations Exposed in AI Call Center Hack

Read more →

The EU’s Cyber Resilience Act requires cybersecurity standards for all connected products throughout their entire lifecycle This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Adopts Cyber Resilience Act for Connected Devices

Read more →

Marriott will pay $52m to 50 US states for a data breach impacting 131.5 million American customers, and has agreed to implement stronger security practices This article has been indexed from www.infosecurity-magazine.com Read the original article: Marriott Agrees $52m Settlement…

Read more →

The non-profit digital library was also hit by at least two DDoS attacks in two days This article has been indexed from www.infosecurity-magazine.com Read the original article: Internet Archive Breached, 31 Million Records Exposed

Read more →

Two former RAC employees have been handed suspended prison sentences for trading in personal data This article has been indexed from www.infosecurity-magazine.com Read the original article: Former RAC Employees Get Suspended Sentence for Data Theft

Read more →

Supply chain victim numbers surge as more than 240 million US residents are impacted by data breaches in Q3 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: Over 240 Million US Breach Victims Recorded in Q3

Read more →

The privacy flaw in Apple’s iPhone mirroring feature enables personal apps on an iPhone to be listed in a company’s software inventory when the feature is used on work computers This article has been indexed from www.infosecurity-magazine.com Read the original…

Read more →

New BeaverTail malware targets tech job seekers via fake recruiters on LinkedIn and X This article has been indexed from www.infosecurity-magazine.com Read the original article: New BeaverTail Malware Targets Job Seekers via Fake Recruiters

Read more →

Barracuda researchers have identified a new wave of QR code phishing attacks that evade traditional security measures and pose a significant threat to email security This article has been indexed from www.infosecurity-magazine.com Read the original article: New Generation of Malicious…

Read more →

The UK government’s Cyber Team Competition offer applicants the chance to receive advanced training, mentorship and networking opportunities This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Launches New Competition to Spur Cybersecurity Careers

Read more →

The Australian government’s Cyber Security Bill 2024 will mandate cybersecurity standards for smart devices and introduce ransomware reporting requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: Australia Introduces First Standalone Cybersecurity Law

Read more →

The Appeals Centre Europe is supported by Meta’s Oversight Board Trust and certified by Ireland’s media regulator This article has been indexed from www.infosecurity-magazine.com Read the original article: New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube

Read more →

Ivanti’s Cloud Services Appliance is being targeted by threat actors exploiting three zero-day bugs This article has been indexed from www.infosecurity-magazine.com Read the original article: Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks

Read more →

October’s Patch Tuesday saw Microsoft patch over 100 CVEs including five zero-day vulnerabilities This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft Fixes Five Zero-Days in October Patch Tuesday

Read more →

American Water, the largest water utility in the US, discovered a cyber-attack impacting internal systems on October 3 This article has been indexed from www.infosecurity-magazine.com Read the original article: American Water Hit by Cyber-Attack, Billing Systems Disrupted

Read more →

American Water, the largest water utility in the US, discovered a cyber-attack impacting internal systems on October 3 This article has been indexed from www.infosecurity-magazine.com Read the original article: American Water Hit by Cyberattack, Billing Systems Disrupted

Read more →

Tenable’s latest report reveals 38% of organizations face risks from a “toxic cloud triad” of security gaps This article has been indexed from www.infosecurity-magazine.com Read the original article: Cloud Security Risks Surge as 38% of Firms Face Exposures

Read more →

Secureworks reports a 30% increase in active ransomware groups despite law enforcement efforts, with 31 new groups emerging in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: 31 New Ransomware Groups Join the Ecosystem…

Read more →

Iran is targeting the US presidential race, China the congressional races, and Russia both This article has been indexed from www.infosecurity-magazine.com Read the original article: US Warns of Foreign Interference in Congressional Races Ahead of Election

Read more →

A UN report found that organized crime groups in the region have rapidly integrated malware, generative AI and deepfakes to enhance their fraud activities This article has been indexed from www.infosecurity-magazine.com Read the original article: Cyber Fraud Cost up to…

Read more →

Europol claims its EMPACT operation has revealed dozens of human trafficking victims and suspects This article has been indexed from www.infosecurity-magazine.com Read the original article: Global Police Track Human Traffickers in Online Crackdown

Read more →

MoneyGram has issued a data breach notification to customers following a security incident This article has been indexed from www.infosecurity-magazine.com Read the original article: MoneyGram Reveals Data Breach After Incident Downed Services

Read more →

UMG, a major music corporation, reported a July 2024 data breach affecting 680 US residents This article has been indexed from www.infosecurity-magazine.com Read the original article: Universal Music Group Admits Data Breach

Read more →

GoldenJackal targeted air-gapped government systems from May 2022 to March 2024, ESET found This article has been indexed from www.infosecurity-magazine.com Read the original article: Advanced Threat Group GoldenJackal Exploits Air-Gapped Systems

Read more →

The UK NCSC found that there is a lot of confusion between board members and security leaders of who is responsible for cybersecurity within their organizations This article has been indexed from www.infosecurity-magazine.com Read the original article: Board-CISO Mismatch on…

Read more →

The UK’s ICO said the framework is designed to help businesses build trust and encourage a positive data protection culture This article has been indexed from www.infosecurity-magazine.com Read the original article: ICO Releases New Data Protection Audit Framework

Read more →

Risk managers association FERMA has warned that new EU cyber legislation means there is an inconsistent approach to incident reporting requirements This article has been indexed from www.infosecurity-magazine.com Read the original article: EU Urged to Harmonize Incident Reporting Requirements

Read more →

A new O’Reilly survey showed a shortage of AI security skills, while AI-enabled security tools become tech professionals’ top priority for the coming year This article has been indexed from www.infosecurity-magazine.com Read the original article: Tech Professionals Highlight Critical AI…

Read more →

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling, CTSI Claims

Read more →

The Chartered Trading Standards Institute is concerned a new cap on fraud reimbursement is too low This article has been indexed from www.infosecurity-magazine.com Read the original article: Fraud Repayment Rules Could Leave Victims Struggling – Non-Profit

Read more →

A new scam detection tool from Get Safe Online uses AI to help individuals and small businesses protect themselves This article has been indexed from www.infosecurity-magazine.com Read the original article: Get Safe Online Launches New Scam Detector

Read more →

Infosecurity recently joined an Immersive Labs Cyber Drill to experience how organizations can enhance their preparedness through training and simulations This article has been indexed from www.infosecurity-magazine.com Read the original article: How Confidence Between Teams Impacts Cyber Incident Outcomes

Read more →

Cisco Talos has observed the financially motivated threat actor targeting organizations globally with a MedusaLocker ransomware variant called “BabyLockerKZ” This article has been indexed from www.infosecurity-magazine.com Read the original article: New MedusaLocker Ransomware Variant Deployed by Threat Actor

Read more →

A UK court has fined Sellafield Ltd £332,500 for cybersecurity failings related to the running of the Sellafield nuclear facility This article has been indexed from www.infosecurity-magazine.com Read the original article: Sellafield Fined for Cybersecurity Failures at Nuclear Site

Read more →

The Counter Ransomware Initiative has released new guidance discouraging organizations from making ransomware payments This article has been indexed from www.infosecurity-magazine.com Read the original article: CRI Releases Guidance on Avoiding Ransomware Payments

Read more →

The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations This article has been indexed from www.infosecurity-magazine.com Read the original article: Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now

Read more →

Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard This article has been indexed from www.infosecurity-magazine.com Read the original article: Microsoft and US Government Disrupt Russian Star Blizzard Operations

Read more →

China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration This article has been indexed from www.infosecurity-magazine.com Read the original article: CeranaKeeper Emerges as New Threat to Thai Government Networks

Read more →

A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape This article has been indexed from www.infosecurity-magazine.com Read the original article: Cybersecurity Spending on the…

Read more →

The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk This article has been indexed from www.infosecurity-magazine.com Read the original article: Northern Ireland Police Data…

Read more →

Researchers see an uptick in crypto-doubling investment scams following the first presidential debate This article has been indexed from www.infosecurity-magazine.com Read the original article: Crypto-Doubling Scams Surge Following Presidential Debate

Read more →

Egress found that attackers are becoming more adept at bypassing email security, such as using compromised accounts and the use of commodity campaigns This article has been indexed from www.infosecurity-magazine.com Read the original article: Email Phishing Attacks Surge as Attackers…

Read more →

Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads This article has been indexed from www.infosecurity-magazine.com Read the original article: FIN7 Gang Hides Malware in AI “Deepnude” Sites

Read more →

The ACSC, in collaboration with CISA and international partners, has released a guide for securing operational technology in critical sectors This article has been indexed from www.infosecurity-magazine.com Read the original article: ACSC and CISA Launch Critical OT Cybersecurity Guidelines

Read more →

North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment This article has been indexed from www.infosecurity-magazine.com Read the original article: Stonefly Group Targets US Firms With New Malware Tools

Read more →

A Black Kite report found that 67% of manufacturing firms have at least one vulnerability from CISA’s Known Exploited Vulnerabilities (KEV) catalog This article has been indexed from www.infosecurity-magazine.com Read the original article: 80% of Manufacturing Firms Have Critical Vulnerabilities

Read more →

Meta has announced a new information-sharing partnership with UK financial institutions to target social media fraud This article has been indexed from www.infosecurity-magazine.com Read the original article: Meta Teams Up with Banks to Target Fraudsters

Read more →

Socura finds the percentage of women in cybersecurity positions has fallen seven percentage points since 2021 to 17% This article has been indexed from www.infosecurity-magazine.com Read the original article: Share of Women in UK Cyber Roles Now Just 17%

Read more →

UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information This article has been indexed from www.infosecurity-magazine.com Read the original article: British Hacker Charged in the US For $3.75m Insider Trading…

Read more →

UMC in Lubbock, Texas, confirmed a ransomware attack last week, disrupting patient care and IT systems This article has been indexed from www.infosecurity-magazine.com Read the original article: Ransomware Attack Forces UMC to Divert Emergency Patients

Read more →

The UK has sanctioned 16 members of the notorious Russian hacking group Evil Corp, exposing their links to the prolific LockBit ransomware group This article has been indexed from www.infosecurity-magazine.com Read the original article: Evil Corp’s LockBit Ties Exposed in…

Read more →

T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity defenses This article has been indexed from www.infosecurity-magazine.com Read the original article: T-Mobile to Pay…

Read more →

New Santander research claims 10 million UK consumers have suffered fraud since 2021, costing the economy £16bn This article has been indexed from www.infosecurity-magazine.com Read the original article: Ten Million Brits Hit By Fraud in Just Three Years

Read more →

New ISACA research reveals most cybersecurity teams are suffering from staffing and funding shortages This article has been indexed from www.infosecurity-magazine.com Read the original article: ISACA: European Security Teams Are Understaffed and Underfunded

Read more →

The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit This article has been indexed from www.infosecurity-magazine.com Read the original article: NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

Read more →

The newly identified vulnerabilities exploit improper input validation when managing printer requests over the network This article has been indexed from www.infosecurity-magazine.com Read the original article: Critical RCE Vulnerabilities Found in Common Unix Printing System

Read more →