Infosecurity News

  1. Litespeed Cache Plugin Flaw Allows XSS Attack, Update Now

    The new LiteSpeed Cache flaw (CVE-2024-47374) allows unauthenticated code injection across more than six million active installations

  2. Microsoft and US Government Disrupt Russian Star Blizzard Operations

    Microsoft and the US government have collectively seized over 100 websites used by Russian nation-state actor Star Blizzard

  3. CeranaKeeper Emerges as New Threat to Thai Government Networks

    China-aligned CeranaKeeper discovered targeting Thai govt institutions using cloud services for data exfiltration

  4. Cybersecurity Spending on the Rise, But Security Leaders Still Feel Vulnerable

    A new report by Red Canary has found that while cybersecurity budgets have risen, many security leaders still feel overwhelmed by the growing threat landscape

  5. Northern Ireland Police Data Leak Sees Service Fined by ICO

    The ICO blamed the Police Service of Northern Ireland for procedural failings that exposed the personal data of 9843 personnel, putting police officers at risk

  6. Crypto-Doubling Scams Surge Following Presidential Debate

    Researchers see an uptick in crypto-doubling investment scams following the first presidential debate

  7. Email Phishing Attacks Surge as Attackers Bypass Security Controls

    Egress found that attackers are becoming more adept at bypassing email security, such as using compromised accounts and the use of commodity campaigns

  8. FIN7 Gang Hides Malware in AI “Deepnude” Sites

    Threat group FIN7 is hiding infostealer malware on sites promising AI deepnude downloads

  9. ACSC and CISA Launch Critical OT Cybersecurity Guidelines

    The ACSC, in collaboration with CISA and international partners, has released a guide for securing operational technology in critical sectors

  10. Stonefly Group Targets US Firms With New Malware Tools

    North Korean APT Stonefly continues to launch cyber-attacks on US firms despite July indictment

  11. 80% of Manufacturing Firms Have Critical Vulnerabilities

    A Black Kite report found that 67% of manufacturing firms have at least one vulnerability from CISA’s Known Exploited Vulnerabilities (KEV) catalog

  12. Meta Teams Up with Banks to Target Fraudsters

    Meta has announced a new information-sharing partnership with UK financial institutions to target social media fraud

  13. Share of Women in UK Cyber Roles Now Just 17%

    Socura finds the percentage of women in cybersecurity positions has fallen seven percentage points since 2021 to 17%

  14. British Hacker Charged in the US For $3.75m Insider Trading Scheme

    UK hacker Robert Westbrook allegedly gained unauthorized access to corporate executives’ email accounts to profit from confidential financial information

  15. Evil Corp's LockBit Ties Exposed in Latest Phase of Operation Cronos

    The UK has sanctioned 16 members of the notorious Russian hacking group Evil Corp, exposing their links to the prolific LockBit ransomware group

  16. Ransomware Attack Forces UMC to Divert Emergency Patients

    UMC in Lubbock, Texas, confirmed a ransomware attack last week, disrupting patient care and IT systems

  17. T-Mobile to Pay $15.75m Penalty for Multiple Data Breaches

    T-Mobile will pay $15.75m to the US Treasury for multiple data breaches in 2021, 2022 and 2023 and has agreed to invest in improved cybersecurity defenses

  18. Ten Million Brits Hit By Fraud in Just Three Years

    New Santander research claims 10 million UK consumers have suffered fraud since 2021, costing the economy £16bn

  19. ISACA: European Security Teams Are Understaffed and Underfunded

    New ISACA research reveals most cybersecurity teams are suffering from staffing and funding shortages

  20. NVIDIA Container Toolkit Vulnerability Exposes AI Systems to Risk

    The vulnerability, discovered by Wiz researchers, affects both cloud-based and on-premises AI applications using the toolkit

What’s hot on Infosecurity Magazine?