Infosecurity News

  1. Critical Glibc Bug Puts Linux Distributions at Risk

    Qualys identified and exploited the vulnerability in Fedora 37/38, Ubuntu 22.04/23.04, Debian 12/13

  2. China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks, Microsoft Warns

    Microsoft’s annual digital defense report found a rise in Chinese state-affiliated groups attempting to infiltrate sectors like medical infrastructure and telecommunication

  3. Record Numbers of Ransomware Victims Named on Leak Sites

    A new Secureworks report finds that 2023 is on course to be the biggest year on record for victim naming on ‘name and shame’ sites

  4. Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers

    CloudSEK warns 100,000 victims may have been impacted

  5. US Government Proposes SBOM Rules for Contractors

    Public comment open until December 4

  6. GoldDigger Android Trojan Drains Victim Bank Accounts

    Researchers warn of phishing links leading to spoofed Google Play pages

  7. LightSpy iPhone Spyware Linked to Chinese APT41 Group

    ThreatFabric found evidence that LighSpy is linked to Android spyware DragonEgg, attributed to the Chinese-sponsored group

  8. EvilProxy Phishing Attack Strikes Indeed, Targets Executives

    Menlo Labs brought this discovery to light in an advisory published on Tuesday

  9. Malware-Infected Devices Sold Through Major Retailers

    The BADBOX scheme deploys the Triada malware on various devices like smartphones and tablets

  10. Police Issue “Quishing” Email Warning

    Organizations urged to update staff awareness programs

  11. Arm and Qualcomm Chips Hit by Multiple Zero-Day Attacks

    Chip giants have released updates to fix the vulnerabilities

  12. Red Cross Issues Wartime Hacktivist Rules

    Non-profit warns of blurring between military and civilian attacks

  13. NSA Establishes AI Security Center

    NSA Director Gen. Nakasone made the announcement during a discussion in Washington last Thursday

  14. FortiGuard Uncovers Deceptive Install Scripts in npm Packages

    Fortinet said these packages can be categorized into nine sets based on their code and functions

  15. EU Cyber Resilience Act Could be Exploited for Surveillance, Experts Warn

    The open letter, signed by 50 leading cybersecurity figures, urges the EU to reconsider its proposals around vulnerability disclosure requirements

  16. Predator Spyware Linked to Madagascar's Government Ahead of Presidential Election

    Cybersecurity firm Sekoia has found new evidence that the Malagasy government has used Cytrox’s spyware ahead of the election

  17. Upstream Supply Chain Attacks Triple in a Year

    Sonatype detects over 245,000 malicious packages

  18. Half of Cybersecurity Professionals Report Increase in Cyber-Attacks

    New research by ISACA has found that the cybersecurity skills gap is contributing to businesses' cybersecurity preparedness

  19. CyberEPQ Course Triples Student Intake for the Coming Year

    Government funding will help more sixth-form students get into cyber

  20. Fifth of Brits Suspect They've Been Monitored by Employers

    Privacy regulator warns employees to stay within the law

Why Not Watch?

  1. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

  2. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  3. Securing M365 Data and Identity Systems Against Modern Adversaries

  4. Why Your Organisation Needs Trusted Time Synchronisation

What’s Hot on Infosecurity Magazine?