Infosecurity News

  1. Google Warns Against Commercial Spyware Exploiting Zero-Days

    Spyware vendors facilitated the spread of malware by government-backed threat actors

  2. Clop Ransomware Group Exploits GoAnywhere MFT Flaw

    The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US

  3. Attacks Targeting APIs Increased By 400% in Last Six Months

    The new Salt Security report found that 80% of attacks happened over authenticated APIs

  4. ChatGPT Vulnerability May Have Exposed Users’ Payment Information

    The breach was caused by a bug in an open-source library

  5. Tech Industry Bids to Tackle Cyber-Mercenary Epidemic

    New principles designed to disrupt and limit a rapidly growing market

  6. Just 1% of Cloud Permissions Are Actively Used

    Microsoft warns of "permissions gap" security threat

  7. Experts Warn of Self-Funding North Korean Group APT43

    Mandiant says unit is focused on espionage and crypto theft

  8. Clipboard-Injector Attacks Target Cryptocurrency Users

    The malware campaign relying on this technique was observed abusing Tor Browser installers

  9. Apple Releases Security Patches For Older iPhone and iPad Models

    The vulnerability refers to a type confusion bug in the WebKit browser engine

  10. France Bans TikTok, Other 'Fun' Apps From Government Devices

    The move is expected to affect roughly 2.5 million government officials

  11. Four Years Behind Bars for Prolific BEC Scammer

    Solomon Ekunke Okpe and others made over $1m from online fraud

  12. Call for Submissions to UK's New Computer Misuse Act

    Bugcrowd is concerned about a lack of protection for ethical hackers

  13. US Moves to Ban "Anti-Democratic" Spyware

    White House says use of tools must be aligned with human rights

  14. Microsoft Fixes Security Flaw in Windows Screenshot Tools

    Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots

  15. Three Variants of IcedID Malware Discovered

    The new variants hint that considerable effort is going into the future of IcedID and its codebase

  16. New MacStealer Targets Catalina, Newer MacOS Versions

    The malware can extract information from documents, browser cookies and login information

  17. NCA Harvests Info on DDoS-For-Hire With Fake Booter Sites

    Agency attempts to disrupt the cybercrime underground

  18. New BEC Tactics Enable Fake Asset Purchases

    FBI warns of scammers using Net-30 and Net-60 terms

  19. Latitude Financial Admits Breach Impacted Millions

    Over 14 million records stolen from consumer lender

  20. CISA Unveils Ransomware Notification Initiative

    Provides businesses with early warnings to evict threat actors before they can encrypt data

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

What’s Hot on Infosecurity Magazine?