Infosecurity News

  1. Progress Restores ShareFile Storage Zones Access After Vulnerability Exploit Concerns

    Progress has restored access to its ShareFile Storage Zones Controller after a four-day suspension triggered by a credible external security threat

  2. Microsoft Patches 570 CVEs in Record Patch Tuesday

    Microsoft released fixes for a record 570 CVEs in its July Patch Tuesday update, as experts warn AI is dramatically accelerating vulnerability discovery and increasing patch volumes

  3. Government Updates UK’s National Risk Register with Cyber Warnings

    The UK government is warning of the potential impact of catastrophic cyber-attacks

  4. US: Pentagon Suspends CMMC Phase II Requirements for Defense Contractors

    The US Department of Defense announced the immediate suspension of the CMMC Phase II requirements until further review

  5. New MacOS Malware Exploits Legitimate Developer ID to Pose as Apple Crash Reporter

    Researchers at Jamf Threat Labs detail CrashStealer, which steals passwords, cryptocurrency wallets and more

  6. Lidl Notifies Customers of Third-Party Data Breach

    Supermarket giant Lidl has revealed details of a supplier breach impacting customer data

  7. Five Charged in “Russian Coms” Fraud Platform Case

    Five UK residents have been charged in relation to supplying Russian Coms fraud devices and apps

  8. Open Directory Exposes Three Evilginx Phishing Operators

    Misconfigured server exposed three phishing operators running Evilginx forks to bypass MFA

  9. Pakistani Police Systems Hit by Chinese and Indian Espionage

    Chinese and Indian spies converged on the same Balochistan police force, SentinelLabs found

  10. Novel OAuth Client ID Spoofing Technique Targets Cloud Environments

    New research reveals cyber-attackers can spoof OAuth Client IDs in Microsoft Entra ID, creating a stealthy path into cloud environments

  11. Progress Software Warns of "External Security Threat" to ShareFile

    Progress Software, the provider of the popular file-sharing and data storage solutions, has urged customers to shut down the server hosting their Storage Zone Controller

  12. Russian State Hackers Target Vulnerable Routers Worldwide, Joint Advisory Warns

    Cybersecurity agencies from 12 countries have warned that Russian state-backed hackers are actively targeting vulnerable routers using weak SNMP credentials

  13. Hacker Extradited from Ukraine Pleads Guilty to Ryuk Ransomware Charges

    An Armenian man has pleaded guilty to his role in the infamous Ryuk ransomware operation

  14. Australian Cyber Agency Warns of Global CMS Exploitation Campaign

    Australian Cyber Security Centre warns CMS users of mass scanning and exploitation campaign

  15. CISA Details Incident Response to Exposed AWS GovCloud Keys

    CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository

  16. Microsoft Warns New 'GigaWiper' Malware Combines Espionage and Destructive Capabilities

    A new multi-purpose backdoor allows cyber threat actors to conduct both quiet espionage activity and destructive wiping operations

  17. Anthropic and OpenAI Security Tools Could Fuel Cyber-Attacks, Researchers Warn

    Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire

  18. New Ransomware Exploits Malicious Driver to Remove Cybersecurity Protections

    GodDamn ransomware uses remote desktop application to secretly move around networks and drop the malicious PoisonX kernel driver

  19. Microsoft Warns of Increase in Number of Security Updates

    Microsoft has said the volume of Windows security updates is set to grow as it uses AI to find new bugs

  20. NHS Warns Staff Over Unauthorized Access to Patient Data

    NHS tells staff they could face prison for “inappropriate” access to patients’ medical records

What’s Hot on Infosecurity Magazine?