Infosecurity News
#RSAC: Two-Thirds of Organizations Failing to Address AI Risks, ISACA Finds
An ISACA survey found that just a third of organizations are adequately addressing security, privacy and ethical risks with AI
RSAC: Decoding US Government Plans to Shift the Software Security Burden
US government officials discussed plans on how to incentivize security by design principles in the software manufacturing process during RSA
RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds
A new report by Cato Networks found that exploiting old vulnerabilities in unpatched systems is one of threat actors’ favorite initial access vectors
Ransomware Strikes Wichita, Services Disrupted
Online payment systems, such as those for water bills and court citations, are still offline
LockBit Leader aka LockBitSupp Identity Revealed
Russian national Dmitry Yuryevich Khoroshev is behind the LockBitSupp persona, law enforcement revealed
RSAC: Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
Report Shows AI Fraud, Deepfakes Are Top Challenges For Banks
Mitek surveyed 1500 financial services risk and innovation professionals in UK, US and Spain
BTC-e $9bn Crypto-Money Launderer Pleads Guilty
Russian national Alexander Vinnik has pleaded guilty to his role in a multibillion-dollar money laundering conspiracy
China Suspected After Major MoD Payroll Breach
Reports claim state-backed hackers accessed sensitive personal and financial information on UK military personnel
RSAC: Antony Blinken Highlights Urgency in Securing Foundational Tech
US Secretary of State Antony Blinken said that the US and its allies must work together to ensure foundational technologies are used for the betterment of humanity
RSAC: Threat Actors Weaponize Hacktivism for Financial Gain
Recorded Future’s Alexander Leslie highlights the increasingly blurred lines between hacktivism, financial cybercrime and nation-state activities during the RSA Conference 2024
RSAC: Law Enforcement Takedowns Force Ransomware Affiliates to Diversify
A new Chainalysis report showed that recent law enforcement operations have pushed ransomware affiliates to increasingly use multiple strains in order to stay afloat
RSAC: 70% of Businesses Prioritize Innovation Over Security in Generative AI Projects
An IBM report found that most organizations are exposing themselves to security risks when implementing generative AI tools
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishing campaigns
Indonesia is a Spyware Haven, Amnesty International Finds
Amnesty International found in Indonesia a murky ecosystem of surveillance suppliers, brokers and resellers that obscures the sale and transfer of surveillance technology
Android Flaw Affected Apps With 4 Billion Installs
Microsoft illustrated the severity of the issue via a case study involving Xiaomi’s File Manager
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Sweden experienced a wave of DDoS attacks as the country was working towards joining NATO, Netscout found
Three-Quarters of CISOs Admit App Security Incidents
Dynatrace research claims global CISOs are concerned AI is driving advanced app security threats and poor developer practices
Security Breach Exposes Dropbox Sign Users
Attackers accessed emails, usernames, phone numbers, hashed passwords and authentication information
REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison
A US court has sentenced a Ukrainian national to 13 years and seven months in prison for his role in over 2500 ransomware attacks using the REvil strain
