Infosecurity News

  1. Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach

    AT&T discloses data breach where hackers accessed customer call logs from a cloud platform in April

  2. Indiana County Files Disaster Declaration Following Ransomware Attack

    Clay County, Indiana, said a ransomware attack has prevented the administration of critical services, leading to a disaster declaration being filed

  3. Snowflake Breach at Advance Auto Parts Hits 2.3 Million People

    Advance Auto Parts has confirmed a breach of its Snowflake account will impact millions

  4. NATO Set to Build New Cyber Defense Center

    NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience

  5. CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

    An alert from the CISA and the FBI has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities

  6. Fraud Campaign Targets Russians with Fake Olympics Tickets

    Operation Ticket Heist involves 700 web domains to sell fake Olympic Games tickets to a Russian-speaking audience, QuoIntelligence has found

  7. Ransomware Surges Annually Despite Law Enforcement Takedowns

    Symantec figures suggest a 9% annual increase claimed ransomware attacks

  8. Huione Guarantee Marketplace Exposed as Front for Cybercrime

    Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering

  9. Smishing Triad Targets India with Fraud Surge

    Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations

  10. Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

    For trusted senders, the flaw is zero-click, but requires one-click interactions for untrusted ones

  11. Ransomware Groups Prioritize Defense Evasion for Data Exfiltration

    A Cisco report highlighted TTPs used by the most prominent ransomware groups to evade detection, establish persistence and exfiltrate sensitive data

  12. Russian Media Uses AI-Powered Software to Spread Disinformation

    RT leverages the Meliorator software to create fake personas on social media, US, Canadian and Dutch agencies have found

  13. Most Security Pros Admit Shadow SaaS and AI Use

    Next DLP study finds majority of security professionals have used unauthorised apps in past year

  14. Microsoft Fixes Four Zero-Days in July Patch Tuesday

    Microsoft has addressed two actively exploited and two publicly disclosed zero-day bugs this month

  15. Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers

    In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine

  16. Eldorado Ransomware Strikes Windows and Linux Networks

    Group-IB also revealed the ransomware uses Chacha20 and RSA-OAEP for encryption

  17. Chinese State Actor APT40 Exploits N-Day Vulnerabilities “Within Hours”

    A joint government advisory warned that the Chinese state-sponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software

  18. Avast Provides DoNex Ransomware Decryptor to Victims

    Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024

  19. Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection

    Study confirms most manufacturers with DMARC don’t have it configured to most secure policy

  20. Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak

    Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster

What’s hot on Infosecurity Magazine?