Infosecurity News

  1. Pharma Giant Cencora Reports Cybersecurity Breach

    The breach was discovered on February 21 2024, according to an SEC filing published on the same day

  2. Savvy Seahorse Targets Investment Platforms With DNS Scams

    Infoblox said Savvy Seahorse uses fake ChatGPT and WhatsApp bots to lure victims

  3. Dark Web Market Revenues Rebound but Sector Fragments

    Chainalysis study of crypto flows reveals darknet markets made $1.7bn in 2023

  4. US Government Warns Healthcare is Biggest Target for BlackCat Affiliates

    The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare

  5. TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

    The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found

  6. Biden Bans Mass Sale of Data to Hostile Nations

    A new presidential executive order attempts to prevent the mass sales of personal data to countries like China and Russia

  7. FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers

    The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools

  8. 34 Million Roblox Credentials Exposed on Dark Web in Three Years

    Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023

  9. How Security Leaders Can Break Down Barriers to Enable Digital Trust

    ISACA's Rob Clyde and Pam Nigro discuss how to advance digital trust in a security context

  10. UK ICO Vows to Safeguard Privacy in AI Era, Rules Out Bespoke Regulation

    UK Information Commissioner John Edwards explains how the ICO is working to provide clarity around the lawful use of AI

  11. Over Half of UK Firms Concerned About Insider Threats

    Cifas claims that most business decision makers are worried about fraudsters targeting employees

  12. Ads for Zero-Day Exploit Sales Surge 70% Annually

    Group-IB research warns of rising use of zero-day threats in targeted attacks

  13. Industrial Cyber Espionage France's Top Threat Ahead of 2024 Paris Olympics

    Ransomware and destabilization attacks rose in 2023, yet France’s National Cybersecurity Agency is most concerned about a diversification of cyber espionage campaigns

  14. Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw

    The flaw, discovered by Patchstack, stems from a lack of input sanitization and output escaping in the plugin’s code

  15. NIST Releases Final Version of Cybersecurity Framework 2.0

    NIST has made further tweaks to Version 2.0 of its Cybersecurity Framework following feedback from the cybersecurity community

  16. Half of IT Leaders Identify IoT as Security Weak Point

    The Viakoo study also said 50% firms faced IoT cyber incidents in past year, 44% of which were severe

  17. Most Commercial Code Contains High-Risk Open Source Bugs

    Synopsys report reveals 74% of codebases now contain risky open source components

  18. 69% of Organizations Infected by Ransomware in 2023

    Proofpoint found that 69% of organizations experienced a successful ransomware incident in the past year, with 60% hit on four or more occasions

  19. Business Logic Abuse Dominates as API Attacks Surge

    Imperva finds attacks targeting API business logic increased to 27% in 2023

  20. White House Urges Tech Industry to Eliminate Memory Safety Vulnerabilities

    A new White House report has urged software and hardware developers to adopt memory safe programming languages, and eliminate one of the most pervasive classes of bugs

Why Not Watch?

  1. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s Hot on Infosecurity Magazine?