Infosecurity News

  1. API Vulnerabilities Discovered in LEGO Marketplace

    The vulnerabilities, which are now fixed, could have put sensitive customer data at risk

  2. Agenda Ransomware Switches to Rust to Attack Critical Infrastructure

    Victim companies have a combined revenue of around $550m

  3. Meta's Bug Bounty Program Shows $2m Awarded in 2022

    The total amount since the program's establishment in 2011 is reportedly $16m

  4. Social Blade Confirms Data Breach Exposing PII on the Dark Web

    The company confirmed the data does not include any credit card information

  5. Two-Thirds of Security Pros Have Burnt Out in Past Year

    Excessive workload is the most common contributing factor

  6. Former Twitter Employee Gets 42 Months for Saudi Scheme

    Insider was bribed by the Middle East kingdom

  7. OECD Signs "Landmark" Privacy Agreement

    Club of rich countries wants to improve cross-border data flows

  8. Senate Approves Bill Banning TikTok From US Government Devices

    The bill still needs to receive approval from the US House of Representatives

  9. NSA, CISA Warn Against Threats to 5G Network Slicing

    Improper network slice management may enable attackers to access data from different network slices

  10. Loan Scam Campaign 'MoneyMonger' Exploits Flutter to Hide Malware

    Zimperium said the code was part of an existing campaign previously discovered by K7 Security Labs

  11. Feds Hit DDoS-for-Hire Services with 48 Domain Seizures

    Six also charged in connection with booter services

  12. Over 85% of Attacks Hide in Encrypted Channels

    Zscaler reveals 20% increase in malicious use of encryption

  13. Platforms Flooded with 144,000 Phishing Packages

    NuGet, PyPi and npm inundated with malicious packages

  14. Signed Microsoft Drivers Used in Attacks Against Businesses

    In some cases, the threat actor's intent was to ultimately provide SIM-swapping services

  15. AgentTesla Remains Most Prolific Malware in November, Emotet and Qbot Grow

    These are some of the key findings from the latest Check Point Research Most Wanted report

  16. Apple Fixes Actively Exploited iPhone Zero-Day Vulnerability

    The vulnerability could allow remote code execution (RCE) on a victim's device

  17. New Google Tool Helps Devs Root Out Open Source Bugs

    Free OSV-Scanner searches transitive dependencies

  18. Loan Fee Fraud Surges by a Fifth as Christmas Approaches

    FCA warns of pressure tactics as cost of living bites

  19. Two Zero-Days Fixed in December Patch Tuesday

    Close to 50 CVEs addressed this month

  20. Twitter Addresses November Data Leak Claims

    No passwords were reportedly exposed, but Twitter prompted users to enable 2FA to protect accounts

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

  3. Why Resilience‑Focused Cloud Design Is Your Best Defense Against Modern Attacks

  4. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

What’s Hot on Infosecurity Magazine?