Infosecurity News

  1. IBM: Identity Compromises Surge as Top Initial Access Method for Cybercriminals

    Compromising valid identities became the top initial access vector in 2023 while phishing dropped to second place, IBM found in a new report

  2. Russian Hackers Launch Email Campaigns to Demoralize Ukrainians

    ESET researchers reveal a Russian threat actor has targeted Ukrainian citizens with PYSOPs messages warning of impacts such as food and medicine shortages from the war

  3. NCSC Sounds Alarm Over Private Branch Exchange Attacks

    The UK’s National Cyber Security Centre has produced new guidance for smaller firms on PBX attacks

  4. Attacker Breakout Time Falls to Just One Hour

    It now takes threat actors on average just 62 minutes to move laterally from initial access, Crowdstrike claims

  5. New Typosquatting and Repojacking Tactics Uncovered on PyPI

    ReversingLabs uncovered two suspicious packages on PyPI: NP6HelperHttptest and NP6HelperHttper

  6. Linux Malware Campaign “Migo” Targets Redis For Cryptomining

    Cado Security said this campaign introduces unique techniques to compromise the security of Redis servers

  7. Top UK Universities Recovering Following Targeted DDoS Attack

    The attack, which has been claimed by Anonymous Sudan, has been confirmed to have impacted IT services at the universities of Cambridge and Manchester

  8. Initial Ransomware Demands Jump 20% to $600,000 in 2023

    Arctic Wolf found that the median ransomware demand was $600,000 in 2023, a 20% rise on the previous year

  9. Insider Steals 80,000 Email Addresses From District Councils

    A former employee at Stratford-on-Avon District Council stole residents’ emails to promote his business

  10. LockBit Infrastructure Disrupted by Global Law Enforcers

    UK’s National Crime Agency has led an international operation to disrupt the LockBit ransomware group

  11. Anatsa Banking Trojan Resurfaces, Targets European Banks

    ThreatFabric said the campaign has evolved since last year, employing sophisticated methods and mainly targeting Samsung devices

  12. Fake Tokens Exploit BRICS Investment Hype

    Resecurity said bad actors exploited geopolitical narratives, spreading misinformation

  13. EU Launches Investigation Into TikTok Over Child Protection and Privacy Concerns

    TikTok is suspected of breaching the EU’s Digital Services Act requirements on transparency, privacy and obligations to protect minors

  14. Ukrainian Faces Decades in Prison for Leading Prolific Malware Campaigns

    The US DoJ said that the Ukrainian national has pleaded guilty to leading the Zeus and IcedID malware campaigns, which resulted in losses of tens of millions of dollars

  15. Israeli Aircraft Survive “Cyber-Hijacking” Attempts

    Hackers have attempted to divert two commercial Israeli aircraft in recent days, reports claim

  16. Fifth of British Kids Have Broken the Law Online

    A new National Crime Agency study reveals 20% of 10- to 16-year-olds have violated the Computer Misuse Act

  17. New Ivanti Vulnerability Observed as Widespread Security Concerns Grow

    After discovering a new vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways, Ivanti is under fire for poor security practices

  18. Hackers Exploit EU Agenda in Spear Phishing Campaigns

    Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found

  19. PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGate

    Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report

  20. Google Warns Unfair AI Rules Could Empower Hackers, Harming Defense

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

What’s Hot on Infosecurity Magazine?