Infosecurity News

  1. Security Serious Unsung Heroes Awards 2023 Open for Nominations

    Nominations are open for the eighth annual Security Serious Unsung Heroes Awards.

  2. UK MoD Error Sends Emails to Russia’s Ally Instead of US

    The MoD clarified that the incident involved fewer than 20 emails and none were top secret

  3. New Study Reveals Forged Certificate Attack Risks

    Attempts can lead to unauthorized access to important company resources

  4. 40% of Ubuntu Cloud Workloads Vulnerable to Exploits

    Wiz Research said the vulnerabilities were discovered in the Linux filesystem, OverlayFS

  5. Microsoft Accused of Negligence in Recent Email Compromise

    In an open letter, Senator Ron Wyden urged federal agencies to investigate Microsoft following a Chinese campaign that compromised US government emails

  6. Australia and US Issue Warning About Web App Threats

    The advisory issues recommendations for developers and end users on reducing the prevalence of access control vulnerabilities

  7. SSNDOB Marketplace Admin Pleads Guilty

    Site was used to trade stolen data

  8. North Korean Hackers Bag Another $100m in Crypto Heists

    Two new breaches traced back to prolific Lazarus group

  9. MOVEit Campaign Claims Millions More Victims

    US government services firm is latest to reveal compromise

  10. Security Incident Impacts CardioComm’s Operations

    Several of the company’s products are affected by the outage

  11. High Severity Vulnerabilities Discovered in Ninja Forms Plugin

    The popular forms builder plugin for WordPress has over 900,000 active installations

  12. China’s Wuhan Earthquake Center Suffers Cyber-Attack

    Responding to the news, a Chinese Foreign Ministry Spokesperson claimed the US is engaging in malicious cyber operations across the world

  13. “Mysterious Elephant” Emerges, Kaspersky Reports

    Kaspersky also sheds light on more information related to the “Operation Triangulation” campaign

  14. OpenAI, Microsoft, Google and Anthropic Form Body to Regulate AI

    Four generative AI pioneers launched the Frontier Model Forum, which will focus on ‘safe and responsible’ creation of new AI models

  15. NCSC Publishes New Guidance on Shadow IT

    Security agency suggests mitigations and technical solutions

  16. Supply Chain Attack Hits NHS Ambulance Trusts

    Electronic patient records unavailable for over a week

  17. SEC Wants Cyber-Incident Disclosure Within Four Days

    More consistent notification rules required of public firms

  18. Repeatable VEC Attacks Target Critical Infrastructure

    Likelihood of a firm falling victim to a VEC attack rose from 45% in June 2022 to 70% in May 2023

  19. VMware Patches Vulnerability Exposing Admin Credentials

    The issue arises from the logging of credentials in hex encoding in platform system audit logs

  20. Group-IB Founder Sentenced in Russia to 14 Years for Treason

    Reports said Ilya Sachkov was suspected of passing on state secrets

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. Audit & Compliance in the Era of AI and Emerging Technology

  3. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  4. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

What’s Hot on Infosecurity Magazine?