Infosecurity News

  1. Anubis Ransomware Adds File-Wiping Capability

    Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands

  2. Over a Third of Grafana Instances Exposed to XSS Flaw

    Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk

  3. WestJet Investigates Cyber-Attack Impacting Customers

    Canadian airline WestJet is investigating a cyber-attack that struck on June 13

  4. Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names

    Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system

  5. European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

    This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware

  6. Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm

    A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool

  7. Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

    Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email

  8. Palo Alto Networks Patches Series of Vulnerabilities

    The cybersecurity provider also implemented recent fixes in Chromium that affected its Prisma Access Browser

  9. NIST Publishes New Zero Trust Implementation Guidance

    The new NIST guidance sets out 19 example implementations of zero trust using commercial, off-the-shelf technologies

  10. Europol Says Criminal Demand for Data is “Skyrocketing”

    Europol warns of “vicious circle” of data breaches and cybercrime

  11. Phishing Alert as Erie Insurance Reveals Cyber “Event”

    Erie Insurance reveals suspected network breach and ongoing outage

  12. Congress Introduces Bill to Strengthen Healthcare Cybersecurity

    The legislation aims to expand the federal government’s role in helping healthcare providers protect and respond to cyber-attacks

  13. 20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown

    Interpol-coordinated Operation Secure led to 32 arrests, including the suspected ringleader of a cybercriminal organization

  14. Hands-On Skills Now Key to Landing Your First Cyber Role

    An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience

  15. Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud

    The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers

  16. Half of Mobile Users Now Face Daily Scams

    Malwarebytes claims 44% of mobile users are exposed to scams every day

  17. Two Microsoft Zero-Days for Admins to Fix in June Patch Tuesday

    Microsoft has patched two zero days this month, one of which is being exploited in the wild

  18. Android Enterprise Rolls Out Security and Productivity Updates

    Android Enterprise has introduced features for mobile security, device management and user productivity in its latest update

  19. Mastery Schools Notifies 37,031 of Major Data Breach

    A ransomware attack on Mastery Schools, Philadelphia, has compromised personal information of 37,031 individuals, exposing sensitive data

  20. DDoS Attacks on Financial Sector Surge in Scale and Sophistication

    The financial sector was the industry most targeted by distributed denial-of-service (DDoS) attacks in 2024, with a peak in October

Why Not Watch?

  1. Mastering AI Security With ISACA’s New AAISM Certification

  2. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  3. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  4. OT Security Ecosystem for Targeted Risk Reduction and Reporting

What’s Hot on Infosecurity Magazine?