Infosecurity News
BEC Attacks Expand Beyond Email and Toward Mobile Devices
Scammers typically obtain mobile numbers from data breaches, social media and data brokers
Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions
Secureworks said the malicious code is written in .NET and comprises a dropper and a payload
Software Supply Chain Attacks Leveraging Open-Sources Repos Growing
ReversingLabs found an increasing number of malicious packages in three popular repositories
#BHEU: UK Government Calls for Industry Input on its Cybersecurity Strategy
A DCMS official sets out the UK government's cybersecurity strategy during Black Hat Europe 2022
Government to Fund Security Studies for Hundreds of Students
Latest move shows urgent need to nurture skills pipeline
Security Concerns Scupper Deals for Two-Thirds of Firms
Global report ties poor security to bottom-line impact
Government Sets Out New Rules to Enhance App Security
Voluntary code of conduct is designed for developers and app store operators
US Sues TikTok Over Child Safety and Data Security Claims
The Indiana court said TikTok promoted age-restricted content regardless of a user's age
Iranian APT Agrius Targets Diamond Industry Worldwide With Fantasy Wiper
The group conducted supply chain attacks against the diamond industry across three continents
Apple Introduces New Data Protections to Increase Cloud Security
The new features will be globally available in 2023, but one of them already is for some US users
#BHEU: Time for Cyber Pros to Shape the Industry’s Future
Jen Ellis urges the cyber industry to take a leading role in shaping its future, during Black Hat Europe 2022
Pet Dog Unmasks Drug Trafficker on Encrypted Chat
Police studied photos sent via EncroChat to reveal users
Investment Fraud Gang May Have Made $500m
CryptosLabs has been operating since 2018, says Group-IB
Cyber-criminals Scammed Each Other Out of Millions in 2022
Sophos report reveals thriving "sub-economy" on underground sites
Microsoft Warns Cryptocurrency Firms Against Complex Cyber-Attacks
Attacks included fraud, vulnerability exploitation, fake applications and info stealer deployments
NZ Privacy Commissioner Investigates Mercury IT Ransomware Attack
The watchdog also confirmed it plans on opening a compliance investigation into the incident
Security Risks Found in Millions of XIoT Devices
Phosphorus published a report encapsulating five years of security research and device testing.
FFT and Ransomware Represent Over Half of Cyber Insurance Claims in 2022
While average ransomware claims are much higher, the report warned that vectors like BEC could deliver "death by a thousand cuts"
UK Government Department Using Unsupported Applications, Reveals Watchdog
Almost a third (30%) of applications used by Defra are unsupported, a report from the National Audit Office has revealed
ICO Fines Rogue Nuisance Callers £500,000
Some companies forced victims to share card details
