Infosecurity News

  1. Modular Malware Boolka’s BMANAGER Trojan Exposed

    The group has been observed exploiting vulnerabilities through SQL injection attacks since 2022

  2. Android Users Warned of Rising Malware Threat From Rafel RAT

    An earlier publication by Check Point Research had already linked Rafel to the APT-C-35/DoNot Team

  3. China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign

    The likely Chinese state-sponsored group ran espionage campaigns against Taiwan’s government, academia and diplomacy from Fuzhou, China

  4. Polish Prosecutors Step Up Probe into Pegasus Spyware Operation

    Polish prosecutors investigating a massive political spying operation have seized Pegasus from a government agency

  5. Sellafield Pleads Guilty to Historic Cybersecurity Offenses

    UK’s most hazardous nuclear site, Sellafield, has admitted criminal charges related to IT security failings

  6. Chemical Facilities Warned of Possible Data Exfiltration Following CISA Breach

    CISA has informed chemical facilities that its Chemical Security Assessment Tool (CSAT) was infiltrated by a malicious actor, and potentially exfiltrated sensitive data

  7. US Bans Kaspersky Over Alleged Kremlin Links

    Kaspersky “poses an undue or unacceptable risk to national security,” according to the US Commerce Department’s Bureau of Industry and Security

  8. Synnovis Attackers Publish NHS Patient Data Online

    Ransomware group Qilin has reportedly published nearly 400GB of data stolen following the attack on NHS provider Synnovis in early June

  9. LockBit Most Prominent Ransomware Actor in May 2024

    The LockBit ransomware group returned the fold to launch 176 attacks in May 2024 following a law enforcement takedown, NCC Group found

  10. French Diplomatic Entities Targeted by Russian-Aligned Nobelium

    The French cybersecurity agency has warned that Russian-aligned threat actor has been targeting public organizations for years

  11. Crypto Firm Kraken Calls the Cops After Researchers Attempt “Extortion”

    A cryptocurrency exchange claims to have been extorted after ‘researchers’ exploited a vulnerability to steal millions

  12. Threat Actor Claims AMD and Apple Breaches

    Notorious threat actor IntelBroker is claiming to have stolen data from Apple and AMD

  13. Quishing Campaign Targets Chinese Citizens via Fake Official Documents

    Cyber threat intelligence provider Cyble observed a new malicious QR code phishing campaign targeting Chinese citizens

  14. Cybersecurity Burnout Costing Firms $700m+ Annually

    Hack The Box research claims employee burnout could be costing hundreds of millions in lost productivity

  15. G7 to Develop Cybersecurity Framework for Energy Sector

    The G7 nations agree to develop a cybersecurity framework for key technologies used to operate electricity, oil and natural gas systems

  16. CIISec Urges Employers to Target Young Talent in Gaming Centers

    The Chartered Institute of Information Security has issued a new guide to help firms recruit more talent

  17. 92% of Organizations Hit by Credential Compromise from Social Engineering Attacks

    A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023

  18. Fake Meeting Software Spreads macOS Infostealer

    Recorded Future has found that Vortax, a purported virtual meeting software, is actually malicious software spreading three information stealers

  19. VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation

    VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, with patches available for customers

  20. Quarter of Firms Suffer an API-Related Breach

    Salt Security study finds 23% of organizations suffered a breach via production APIs in 2023

What’s hot on Infosecurity Magazine?