Infosecurity News

  1. Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw

    Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices, prompting warnings from the FBI and Cisco Talos

  2. Colt Admits Customer Data Likely Stolen in Cyber-Attack

    Colt customers can request a list of filenames posted on the dark web via a dedicated call center

  3. Oregon Man Charged in Rapper Bot DDoS-for-Hire Case

    A 22-year-old Oregon man has been charged with administering the Rapper Bot DDoS-for-hire Botnet

  4. Cybercriminal Linked to Notorious Scattered Spider Gang Gets 10-Year Sentence

    Noah Urban, linked with the Scattered Spider cybercriminal gang, will also pay $13m in restitution to victims

  5. Orange Data Breach Raises SIM-Swapping Attack Fears

    Orange Belgium revealed that a threat actor has compromised 850,000 customer accounts, with SIM card numbers among the data accessed

  6. “PromptFix” Attacks Could Supercharge Agentic AI Threats

    Guardio reveals a new AI take on ClickFix dubbed “PromptFix”

  7. NIST Unveils Guidelines to Help Spot Face Morphing Attempts

    NIST has released new guidelines examining the pros and cons of detection methods for face morphing software

  8. Pharmaceutical Company Inotiv Confirms Ransomware Attack

    Indiana-based pharmaceutical research company Inotiv has confirmed it suffered a ransomware attack, disrupting operations and compromising data

  9. TRM Launches Industry-Wide Platform to Fight Crypto Crimes

    With Beacon Network, TRM Labs has brought together law enforcement and some of the largest crypto exchanges to fight against crypto crimes

  10. Mule Operators in META Adopt Advanced Fraud Schemes

    A new report has mapped the tactical evolution of mule operators in the META region from VPNs to advanced fraud networks

  11. Hackers Weaponize QR Codes in New 'Quishing' Attacks

    Researchers discovered two new phishing techniques where attackers split malicious QR codes or embed them into legitimate ones

  12. Warlock Ransomware Hitting Victims Globally Through SharePoint ToolShell Exploit

    Trend Micro highlighted a sophisticated post-compromise attack chain to deploy the Warlock ransomware in unpatched SharePoint on-prem environments

  13. Executives Warned About Celebrity Podcast Scams

    The Better Business Bureau is urging business owners and influencers not to fall for a new type of podcast scam

  14. UK Retreats on Apple Encryption Backdoor Demand Following US Pressure

    US director of national intelligence, Tulsi Gabbard, stated that her government persuaded the UK to withdraw its controversial demand

  15. Microsoft Issues Out-of-Band Update to Fix Recovery Issues

    Microsoft has issued an emergency patch to fix Windows recovery problems for some users

  16. ISACA Launches AI-Centric Security Management Certification

    ISACA has launched the new AAISM certification to equip security leaders with AI risk management expertise

  17. Public Exploit Released for Critical SAP NetWeaver Flaw

    A critical flaw in SAP NetWeaver AS Java is being widely exploited, allowing unauthenticated remote code execution

  18. Allianz Life Data Breach Exposes Personal Data of 1.1 Million Customers

    A cyber-attack on Allianz Life, linked to the ShinyHunters group, has exposed the personal information of 1.1 million customers

  19. Canadian Financial Regulator Hacked, Exposing Personal Data from Member Organizations

    The Canadian Investment Regulatory Organization (CIRO) said it will work to identify the personal information breached and notify those affected

  20. Attacker “Patches” Vulnerability Post Exploitation to Lock Out Competition

    Red Canary observed the novel tactic in a cluster of activity targeting a legacy vulnerability to access cloud-based Linux systems

What’s Hot on Infosecurity Magazine?