Infosecurity News
Hacktivist Groups Target Romania Amid Geopolitical Tensions
CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks
Half of SMEs Unprepared for Cyber-Threats
JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats
Kaspersky to Quit US Following Commerce Department Ban
Russian AV-maker Kaspersky is set to shutter its US operations from Saturday
Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts
A Portsmouth University study finds that large numbers of elderly citizens are being harassed by phone fraudsters
CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools
Sysdig said CRYSTALRAY used a variety of open source security tools to scan for vulnerabilities
WP Time Capsule Plugin Update Urged After Critical Security Flaw
The WordPress plugin has over 20,000 active installations and is used for site backups and update management
Attackers Exploit URL Protections to Disguise Phishing Links
Barracuda has observed attackers using three different URL protection services to mask their phishing URLs, bypassing email security tools
Pharmacy Giant Rite Aid Hit By Ransomware
US pharmacy chain Rite Aid has confirmed a cybersecurity ‘incident’ in June
Google Lines Up $23bn Swoop For Startup Wiz Security
Google is in talks to acquire security startup Wiz Security
Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach
AT&T discloses data breach where hackers accessed customer call logs from a cloud platform in April
Indiana County Files Disaster Declaration Following Ransomware Attack
Clay County, Indiana, said a ransomware attack has prevented the administration of critical services, leading to a disaster declaration being filed
Snowflake Breach at Advance Auto Parts Hits 2.3 Million People
Advance Auto Parts has confirmed a breach of its Snowflake account will impact millions
NATO Set to Build New Cyber Defense Center
NATO members have agreed to develop a new integrated facility to help improve collective cyber-resilience
CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities
An alert from the CISA and the FBI has urged software manufacturers to work towards the elimination of operating system (OS) command injection vulnerabilities
Fraud Campaign Targets Russians with Fake Olympics Tickets
Operation Ticket Heist involves 700 web domains to sell fake Olympic Games tickets to a Russian-speaking audience, QuoIntelligence has found
Ransomware Surges Annually Despite Law Enforcement Takedowns
Symantec figures suggest a 9% annual increase claimed ransomware attacks
Huione Guarantee Marketplace Exposed as Front for Cybercrime
Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering
Smishing Triad Targets India with Fraud Surge
Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations
Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability
For trusted senders, the flaw is zero-click, but requires one-click interactions for untrusted ones
Ransomware Groups Prioritize Defense Evasion for Data Exfiltration
A Cisco report highlighted TTPs used by the most prominent ransomware groups to evade detection, establish persistence and exfiltrate sensitive data
