Infosecurity News

  1. Avast Provides DoNex Ransomware Decryptor to Victims

    Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024

  2. Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection

    Study confirms most manufacturers with DMARC don’t have it configured to most secure policy

  3. Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak

    Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster

  4. New APT CloudSorcerer Malware Hits Russian Targets

    The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces

  5. Mekotio Trojan Targets Latin American Banking Credentials

    Trend Micro said the trojan has been observed masquerading as communications from tax agencies

  6. Cisco Warns regreSSHion Vulnerability Impacts Multiple Products

    Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated

  7. Russia Blocks VPN Services in Information Crackdown

    The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens

  8. Crypto Thefts Double to $1.4 Billion, TRM Labs Finds

    Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape

  9. 10 Billion Passwords Leaked on Hacking Forum

    A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises

  10. Vinted Fined €2.3m Over Data Protection Failure

    The Lithuanian data protection authority has imposed a fine of almost $2.5m on second-hand specialist Vinted for breaching GDPR

  11. EU Opens Applications for Cybersecurity and Digital Skills Funding

    The EU’s Digital Europe Programme (DEP) will provide over €210m in funding for cybersecurity and digital skills projects

  12. Europol Warns of Home Routing Challenges For Lawful Interception

    Law Enforcement Agencies can’t intercept communications without an agreement disabling PET in home routing

  13. Meta Faces Suspension of AI Data Training in Brazil

    The action comes in response to concerns over the company’s updated privacy policy

  14. Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024

    Certik observed the loss of $1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector

  15. Gamers' Data Exposed in RPG Platform Roll20 Breach

    Roll20 confirmed its administrative website account was accessed by a “bad actor,” leaving its users’ personal information exposed

  16. New Ransomware Group Phones Execs to Extort Payment

    Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying

  17. UK’s NCA Leads Major Cobalt Strike Takedown

    Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike

  18. WordPress Plugins at Risk From Polyfill Library Compromise

    The attack exploits the polyfill.io domain, which was recently acquired by Funnull, a China-based entity

  19. Microsoft Uncovers Major Flaws in Rockwell PanelView Plus

    The vulnerabilities stem from manipulable custom classes in PanelView Plus

  20. Cyber Extortion Soars: SMBs Hit Four Times Harder

    Orange Cyberdefense’s latest Cy-Xplorer report shows a 77% rise in cyber extortion, with SMBs impacted 4.2 times more often than large enterprises

Why Not Watch?

  1. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  2. Securing M365 Data and Identity Systems Against Modern Adversaries

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?