Infosecurity News

  1. Iranian Group TA453 Launches Phishing Attacks with BlackSmith

    TA453, also known as Charming Kitten, launched a targeted phishing attack using PowerShell malware BlackSmith

  2. Vermin Cyber-Attacks Target Ukraine, Exploiting Kursk Battle

    Ukraine detected cyber-attacks using malicious emails containing photos of alleged prisoners of war from the Kursk direction

  3. Iran Behind Trump Campaign Hack, US Government Confirms

    The ODNI, FBI and CISA confirmed Iran was behind a reported hack of a Trump campaign website as part of efforts to stoke discord and undermine the US elections

  4. Former Congressman Santos Admits Identity Theft and Fraud

    Former US Representative George Santos pleads guilty to multiple fraud and identity theft charges

  5. Jewish Home Lifecare Notifies 100,000 Victims of Ransomware Breach

    Healthcare organization Jewish Home Lifecare has revealed that a 2024 data breach hit over 100,000 customers

  6. FBI and CISA Assure Public on Election Ransomware Security

    The FBI and CISA said ransomware on local networks may cause delays but won't impact voting system integrity

  7. New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks

    Xeon Sender features SMS spam via APIs, Nexmo/Twilio credentials validation and phone number generation

  8. Microsoft Apps for macOS Exposed to Library Injection Attacks

    Cisco Talos researchers found a flaw in eight Microsoft apps for macOS that could enable library injection attacks, putting sensitive data at risk

  9. Ransomware Resilience Drives Down Cyber Insurance Claims

    Cyber insurance claims in the UK have fallen by over a third between 2022 and 2024 as businesses refuse ransom payments

  10. NCSC Opens Cyber Resilience Audit Scheme to Applicants

    The UK’s National Cyber Security Centre wants prospective auditors to check compliance with its Cyber Assessment Framework

  11. Unicoin Staff Locked Out of G-Suite in Mystery Attack

    Employees at crypto firm Unicoin couldn’t access Google services for four days during a recent breach

  12. US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers

    Two Congressmen fear that the Chinese government might use TP-Link Wi-Fi routers to deploy hacking and espionage campaigns in the US

  13. Microsoft Mandates MFA for All Azure Sign-Ins

    Microsoft is mandating MFA for all Azure sign-ins, with customers given 60-day advance notices to start implementation

  14. Florida-Based National Public Data Confirms Data Breach

    The US data broker did not address the threat actor’s claim that the breach concerns 2.9 billion records

  15. Geopolitical Tensions Drive Explosion in DDoS Attacks

    Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions

  16. Cyber-criminals Exploited Paris Olympics With Fake Domains

    166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting

  17. Advanced ValleyRAT Campaign Hits Windows Users in China

    Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems

  18. Russia's FSB Behind Massive Phishing Espionage Campaign

    Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group

  19. Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

    Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

  20. Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

    Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign

Why Not Watch?

  1. Modernizing GRC: From Checkbox to Strategic Advantage

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?