Infosecurity News

  1. Attackers Exploit URL Protections to Disguise Phishing Links

    Barracuda has observed attackers using three different URL protection services to mask their phishing URLs, bypassing email security tools

  2. Pharmacy Giant Rite Aid Hit By Ransomware

    US pharmacy chain Rite Aid has confirmed a cybersecurity ‘incident’ in June

  3. Google Lines Up $23bn Swoop For Startup Wiz Security

    Google is in talks to acquire security startup Wiz Security

  4. Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach

    AT&T discloses data breach where hackers accessed customer call logs from a cloud platform in April

  5. Indiana County Files Disaster Declaration Following Ransomware Attack

    Clay County, Indiana, said a ransomware attack has prevented the administration of critical services, leading to a disaster declaration being filed

  6. Snowflake Breach at Advance Auto Parts Hits 2.3 Million People

    Advance Auto Parts has confirmed a breach of its Snowflake account will impact millions

  7. NATO Set to Build New Cyber Defense Center

    NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience

  8. CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

    An alert from the CISA and the FBI has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities

  9. Fraud Campaign Targets Russians with Fake Olympics Tickets

    Operation Ticket Heist involves 700 web domains to sell fake Olympic Games tickets to a Russian-speaking audience, QuoIntelligence has found

  10. Ransomware Surges Annually Despite Law Enforcement Takedowns

    Symantec figures suggest a 9% annual increase claimed ransomware attacks

  11. Huione Guarantee Marketplace Exposed as Front for Cybercrime

    Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering

  12. Smishing Triad Targets India with Fraud Surge

    Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations

  13. Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

    For trusted senders, the flaw is zero-click, but requires one-click interactions for untrusted ones

  14. Ransomware Groups Prioritize Defense Evasion for Data Exfiltration

    A Cisco report highlighted TTPs used by the most prominent ransomware groups to evade detection, establish persistence and exfiltrate sensitive data

  15. Russian Media Uses AI-Powered Software to Spread Disinformation

    RT leverages the Meliorator software to create fake personas on social media, US, Canadian and Dutch agencies have found

  16. Most Security Pros Admit Shadow SaaS and AI Use

    Next DLP study finds majority of security professionals have used unauthorised apps in past year

  17. Microsoft Fixes Four Zero-Days in July Patch Tuesday

    Microsoft has addressed two actively exploited and two publicly disclosed zero-day bugs this month

  18. Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers

    In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine

  19. Eldorado Ransomware Strikes Windows and Linux Networks

    Group-IB also revealed the ransomware uses Chacha20 and RSA-OAEP for encryption

  20. Chinese State Actor APT40 Exploits N-Day Vulnerabilities “Within Hours”

    A joint government advisory warned that the Chinese state-sponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software

Why Not Watch?

  1. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. Modernizing GRC: From Checkbox to Strategic Advantage

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?