Infosecurity News
Patient Data at Risk in MediSecure Ransomware Attack
Electronic prescriptions provider MediSecure said the attack originated from a third-party vendor, and has impacted individuals’ personal and health information
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices
SugarGh0st RAT Variant Used in Targeted AI Industry Attacks
Proofpoint said the attackers modified registry key names for persistence
53,000 Employees' Social Security Numbers Exposed in Nissan Data Breach
Car manufacturer Nissan revealed that over 53,000 of its North America employees had their social security numbers accessed by a ransomware attacker
CISO Confidence in AI Security Grows as GenAI Adoption Rises
Nearly six out of ten surveyed ClubCISO members are confident AI is used securely in their organizations
UK Lags Europe on Exploited Vulnerability Remediation
UK organizations are less likely than their European peers to have known exploited bugs but take longer to fix them
BreachForums Hacking Marketplace Taken Down Again
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Cyber-Attack Disrupts Christie’s $840M Art Auctions
Despite this setback, the auction house said bids can still be placed by phone and in-person
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials
The National Cyber Security Centre launches an opt-in Personal Internet Protection service to safeguard individuals from cyber threats during the upcoming election
Google Expands Synthetic Content Watermarking Tool to AI-Generated Text
Google DeepMind’s SynthID can now be used to watermark AI-generated images, audio, text and video
Santander Customer Data Compromised Following Third-Party Breach
Santander has warned that customer and employee data has been breached following unauthorized access to a database held by a third-party provider
Current Market Forces Disincentivizing Cybersecurity, Says NCSC CTO
NCSC CTO argues current market rewards prioritize cost over security, hindering the development of secure technology
A Third of CISOs Have Been Dismissed “Out of Hand” by the Board
Trend Micro research claims CISOs are often ignored or dismissed as “nagging” by their board
Microsoft Fixes Three Zero-Days in May Patch Tuesday
Microsoft has released patches for three zero-day vulnerabilities including two actively exploited in the wild
Data Breaches in US Schools Exposed 37.6M Records
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in 2021
Ebury Botnet Operators Diversify with Financial and Crypto Theft
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) since May 9
China Presents Defining Challenge to Global Cybersecurity, Says GCHQ
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
