Infosecurity News

  1. VMConnect: Python PyPI Threat Imitates Popular Modules

    ReversingLabs said the attackers displayed a sophisticated approach and techniques

  2. CISA Announces 2024-2026 Strategic Plan

    The US’ leading cybersecurity agency calls for us to “embody the hacker spirit” in its latest strategic plan

  3. Sophisticated Phishing Exploits Zero-Day Salesforce Vulnerability

    Guardio Labs detected the campaign and detailed its findings in a technical blog post

  4. Microsoft Warns of Growing Cyber-Threats to Sporting Events

    Microsoft observed attackers continually attempting to compromise connected systems at the 2022 World Cup

  5. Credentials Account For Over Half of Cloud Compromises

    Google Cloud figures also point to misconfiguration

  6. Legacy Flaws Dominate Top 12 Vulnerabilities List

    Security agencies urge timely patching

  7. UK Government: Cyber-Attacks Could Kill or Maim Thousands

    Risk assessment predicts critical infrastructure attacks could cost billions

  8. Hacktivist Collective “Mysterious Team Bangladesh” Revealed

    Group-IB said the group carried out 750 DDoS attacks and more than 70 website defacements in a year

  9. Cisco Talos Discusses Flaws in SOHO Routers Post-VPNFilter

    Over the last five years the firm reported and mitigated 141 advisories, encompassing 289 CVEs

  10. Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

    The Russia-based actor exploited compromised Microsoft 365 tenants owned by small businesses

  11. Cyber-Attacks Targeting Government Agencies Increase 40%

    BlackBerry found that public services now rank as the second most targeted industry by threat actors

  12. Menlo Leverages Advanced Technology to Combat Surging Browser Threats

    Menlo Security co-founder highlights the challenge relating to web browser security and how to overcome them

  13. Humans Unable to Reliably Detect Deepfake Speech

    Research from UCL finds that humans struggle to identify deepfake audio

  14. Cocaine Smugglers that Posed as PC Sellers Jailed

    Four members behind bars after EncroChat bust

  15. Hundreds of Citrix Endpoints Compromised With Webshells

    Zero-day exploit warning was issued a week ago

  16. Ivanti Discloses Yet Another Critical Flaw

    Latest bug described as a patch bypass

  17. Manufacturing Sector Reeling From Financial Costs of Ransomware

    Analysis by Comparitech found that manufacturers have lost $46.2bn from ransomware attacks in downtime alone since 2018

  18. AI-Powered CryptoRom Scam Targets Mobile Users

    Sophos security researchers shared the findings in a report published today

  19. Threat Actors Use AWS SSM Agent as a Remote Access Trojan

    Mitiga’s research demonstrated two potential attack scenarios

  20. Cloud Firm Under Scrutiny For Suspected Support of APT Operations

    Halcyon said that Cloudzy has been playing a pivotal role in facilitating cyber-criminal activities

Why Not Watch?

  1. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

What’s Hot on Infosecurity Magazine?