Infosecurity News

  1. City Cyber Taskforce Launches to Secure Corporate Finance

    A new initiative led by the ICAEW and NCSC launches today to improve cybersecurity during deals and investments

  2. Schneider Electric Confirms Data Accessed in Ransomware Attack

    Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division

  3. Orange España Breach: Dark Web Flooded With Operator Credentials

    Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC

  4. Alpha Ransomware Group Launches Data Leak Site on the Dark Web

    Netenrich analyzed the ransom note pattern saying the group is refining their messages to victims

  5. Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit

    After analyzing the 12 Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a sophisticated post-exploitation toolkit

  6. Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth

    New data from Corvus found that ransomware incidents rose by 68% in 2023 compared to 2022, but law enforcement takedowns led to a fall in Q4

  7. FBI: Scammers Are Sending Couriers to Collect Cash From Victims

    The FBI is warning the public not to fall for scams where they are urged to liquidate assets and hand them to couriers for ‘safekeeping’

  8. UK House of Lords Calls For Legislation on Facial Recognition Tech

    The House of Lords has questioned the legal basis for police use of facial recognition and wants parliament to legislate

  9. Phobos Ransomware Family Expands With New FAUST Variant

    FortiGuard said the variant was found in an Office document using a VBA script

  10. US Senator Exposes NSA Purchase of Americans’ Internet Records

    The call follows an FTC order saying data brokers must secure consent before selling user data

  11. Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US

    Nigeria-based cybercriminals known as Yahoo Boys are the main drivers of a financial sextortion increase on TikTok, Instagram and Snapchat, targeting English-speaking teenagers

  12. Microsoft Provides Defense Guidance After Nation-State Compromise

    Microsoft said the Russian nation-state group Midnight Blizzard obfuscated its attack through the use of an OAuth application

  13. Dark Web Drugs Vendor Forfeits $150m After Guilty Plea

    Drug trafficker Banmeet Singh made $150m in cryptocurrency from dark web sales

  14. CI/CD at Risk as Exploits Released For Critical Jenkins Bug

    Customers are urged to patch now after exploits are released for critical vulnerability in Jenkins

  15. Ukraine Arrests Hacker for Assisting Russian Missile Strikes

    Ukraine’s security services said that the IT specialist from Kharkiv targeted government websites and provided intelligence to Russia to carry out missile strikes

  16. New Leaks Expose Web of Iranian Intelligence and Cyber Companies

    Recorded Future analyzed leaks describing the close relationship between the Iranian government and Iran-aligned APT groups

  17. Data Privacy Week: Companies are Banning Generative AI Due to Privacy Risks

    Cisco found that privacy and data security risks have led to over a quarter of organizations banning generative AI, at least temporarily, while a majority have instituted controls

  18. China-Aligned APT Group Blackwood Unleashes NSPX30 Implant

    ESET said Blackwood has been actively engaged in cyber-espionage since at least 2018

  19. Government Security Vulnerabilities Surge By 151%, Report Finds

    Bugcrowd’s latest report also recorded a 30% surge in web submissions in 2023

  20. North Korea Hacks Crypto: More Targets, Lower Gains

    A global drop in DeFi hacking gains prompted North Korean threat actors to diversify and extend their victim portfolio, Chainalysis found

What’s Hot on Infosecurity Magazine?