Infosecurity News

  1. NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled

    Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) since May 9

  2. China Presents Defining Challenge to Global Cybersecurity, Says GCHQ

    GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks

  3. 44% of Cybersecurity Professionals Struggle with Regulatory Compliance

    Infosecurity Europe research highlights significant challenges faced by organisations in staying up to speed with increasing compliance requirements

  4. Russian Actors Weaponize Legitimate Services in Multi-Malware Attack

    Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft

  5. UK Insurance and NCSC Join Forces to Fight Ransomware Payments

    UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses

  6. Hackers Use DNS Tunneling to Scan and Track Victims

    Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities

  7. FCC Names and Shames First Robocall Threat Actor

    In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group

  8. Critical Vulnerabilities in Cinterion Modems Exposed

    The flaws include CVE-2023-47610, a security weakness within the modem’s SUPL message handlers

  9. Mallox Ransomware Deployed Via MS-SQL Honeypot Attack

    Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches

  10. Ascension Ransomware Attack Diverts Ambulances, Delays Appointments

    A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion

  11. Black Basta Ransomware Victim Count Tops 500

    Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations

  12. Threat Actor Claims Major Europol Data Breach

    A threat actor known as IntelBroker claims to be selling confidential Europol data after a May breach

  13. UK's AI Safety Institute Unveils Platform to Accelerate Safe AI Development

    The UK's open source AI safety evaluation platform, Inspect, is set to empower global collaboration for safer AI development

  14. RSAC: Experts Highlight Novel Cyber Threats and Tactics

    Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape

  15. RSAC: Why Cybersecurity Professionals Have a Duty to Secure AI

    Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges

  16. RSAC: How CISOs Should Protect Themselves Against Indictments

    Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure

  17. New 'LLMjacking' Attack Exploits Stolen Cloud Credentials

    Sysdig said the attackers gained access to these credentials from a vulnerable version of Laravel

  18. Mobile Banking Malware Surges 32%

    Afghanistan, Turkmenistan and Tajikistan victims experienced the highest share of banking Trojans

  19. AI-Powered Russian Network Pushes Fake Political News

    Researchers discover large-scale Russian influence operation using GenAI to influence voters

  20. Fake Online Stores Scam Over 850,000 Shoppers

    Researchers discover 75,000+ domains hosting fraudulent e-commerce sites, in a campaign dubbed BogusBazaar

What’s hot on Infosecurity Magazine?