Infosecurity News

  1. Clop Ransom Gang Breaches Big Names Via MOVEit Flaw

    Boots, BA, the BBC and more have data compromised

  2. Satacom Malware Campaign Steals Crypto Via Stealthy Browser Extension

    The extension employs various JavaScript scripts to manipulate users' browsers

  3. Critical Zero-Day Flaw Exploited in MOVEit Transfer

    The vulnerability (CVE-2023-34362) can grant escalated privileges and unauthorized access

  4. Spanish Bank Globalcaja Hit By Ransomware Attack

    The firm said the attack occurred last Thursday and prompted it to activate its security protocols

  5. UK Closes CCP Cyber Certification Scheme

    Certified Cyber Professional will be replaced by new chartered scheme

  6. North Korea Makes 50% of Income from Cyber-Attacks: Report

    US assessment highlights significance of offensive capabilities

  7. Atomic Wallet Customers Lose Over $35m in Crypto Attacks

    Digital wallet provider still investigating cause of incidents

  8. Enzo Biochem Hit by Ransomware, 2.5 Million Patients' Data Compromised

    The information includes names, test information and 600,000 Social Security numbers

  9. US and Korean Agencies Issue Warning on North Korean Cyber-Attacks

    The advisory identifies several actors: Kimsuky, Thallium, APT43, Velvet Chollima and Black Banshee

  10. Malicious PyPI Packages Use Compiled Python Code to Bypass Detection

    According to ReversingLabs this could be the first supply chain attack capitalizing on PYC files

  11. Insurers Predict $33bn Bill for Catastrophic "Cyber Event"

    One-in-200 year event could stem from cloud, data breach or ransomware

  12. Chinese Phishing Gang "PostalFurious" Expands Campaign

    Latest victims of smishing attacks are UAE residents

  13. Kaspersky Says it is Being Targeted By Zero-Click Exploits

    Possible US campaign began in 2019

  14. Horabot Campaign Targets Spanish-Speaking Users in the Americas

    Cisco Talos said the threat actor behind the campaign is believed to be located in Brazil

  15. Void Rabisu's RomCom Backdoor Reveals Shifting Threat Actor Goals

    Trend Micro said the motives of Void Rabisu seem to have changed since at least October 2022

  16. Potential Backdoor in Gigabyte PCs Exposes Supply Chain Risks

    Eclypsium is working closely with Gigabyte to rectify insecure implementation of its app center

  17. HMRC in New Tax Credits Scam Warning

    Claimants bombarded by phishing emails, phone calls and texts

  18. Amazon to Pay $31m After FTC's Security and Privacy Allegations

    Regulator's proposed order to cover civil penalty and consumer refunds

  19. Zyxel Customers Urged to Patch Exploited Bug

    Vulnerability being "widely exploited" in Mirai-based botnet attacks

  20. New "Migraine" Flaw Enables Attackers to Bypass MacOS Security

    Discovered by Microsoft and dubbed "Migraine," the flaw was disclosed to Apple and patched

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. Securing M365 Data and Identity Systems Against Modern Adversaries

  4. How To Enhance Security Operations with AI-Powered Defenses

What’s Hot on Infosecurity Magazine?