Infosecurity News
CISA Warns Phone Scammers Are Impersonating its Staff
The US Cybersecurity and Infrastructure Security Agency has observed an uptick in vishing scams
WithSecure Reveals Mass Exploitation of Edge Software and Infrastructure Appliances
In a new report, WithSecure found that higher severity vulnerabilities in edge services and infrastructure devices are rising fast
Scattered Spider Now Affiliated with RansomHub Following BlackCat Exit
GuidePoint has assessed with high confidence that the notorious Scattered Spider group has become an affiliate of RaaS operator RansomHub
70% of Cybersecurity Pros Often Work Weekends, 64% Looking for New Jobs
Bitdefender found that 70% of cybersecurity professionals often have to work weekends to address security concerns at their organization
Chinese Hackers Leveraging 'Noodle RAT' Backdoor
The ELF backdoor, initially thought to be a variant of existing malware, has a Windows and a Linux version
Microsoft Patches One Critical and One Zero-Day Vulnerability
June Patch Tuesday sees Microsoft fix over 50 bugs, including one already publicly disclosed
Chinese FortiGate Espionage Campaign Snares 20,000+ Victims
Dutch authorities reveal that a cyber-espionage campaign using novel “Coathanger” malware was much more extensive than first thought
Phishing Attacks Targeting US and European Organizations Double
Phishing campaigns targeting European organizations rose by a staggering 112% between 2023 and 2024
Threat Actor Breaches Snowflake Customers, Victims Extorted
Mandiant warns that a financially-motivated threat actor stole a significant volume of customer data from Snowflake, and is extorting many of the victims
UK Police Arrest Two People for Smishing via Fake Cell Tower
Two individuals are believed to have used a homemade mobile antenna to send thousands of SMS phishing messages
NVIDIA and Arm Urge Customers to Patch Bugs
Chip giants NVIDIA and Arm have released details of new vulnerabilities including a zero-day bug
UK and Canadian Privacy Regulators Investigate 23andMe
The ICO and OPC have launched a joint investigation into an October 2023 breach at 23andMe
Industry Veterans and New Talent Recognised at European Cybersecurity Blogger Awards 2024
The winners of the European Cybersecurity Blogger Awards were announced at a ceremony held at Tapa Tapa, London, on June 5 at Infosecurity Europe 2024
IoT Vulnerabilities Skyrocket, Becoming Key Entry Point for Attackers
A new Forescout report found that IoT devices containing vulnerabilities surged 136% compared to a year ago, becoming a key focus for attackers
Threat Actor Claims to Leak 270GB of New York Times Data
An anonymous 4Chan user is claiming to have shared a trove of source code stolen from the New York Times
NHS Appeals For Blood and Volunteers After Cyber-Attack
London hospitals continue to suffer the after-effects of a major ransomware attack last week
EmailGPT Exposed to Prompt Injection Attacks
The flaw enables attackers to gain control over the AI service by submitting harmful prompts
#Infosec2024: Cyber Resilience Means Being Willing to Learn From a Crisis
Experts advised that crisis management and recovery is as much about communications and testing as it is about technical defense measures
Security Flaws Found in Popular WooCommerce Plugin
Despite reported attempts from Patchstack to contact the vendor, no response has been received
#Infosec2024: Collaboration is Key to an Effective Security Culture
Organizations need a culture that goes beyond reporting incidents, where the business wants to collaborate with the security team
