Infosecurity News

  1. Cyber-Attacks Surge 63% Annually in Education Sector

    Quorum Cyber report finds higher and further education institutions experienced 63% increase in attacks over a year

  2. Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

    Forcepoint has found 10 new indirect prompt injection attacks targeting AI agents

  3. NCSC Backs Passkeys, Hailing a New Era of Sign-in

    The UK’s NCSC has fully backed passkeys as consumers’ first choice for login, citing progress with FIDO and successful use across the NHS

  4. MacOS Native Tools Enable Stealthy Enterprise Attacks

    macOS LOTL techniques bypass detection using native tools and metadata abuse

  5. NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks

    The UK’s cybersecurity agency said the devices will be available for purchase by organizations around the world

  6. UK Commits £90m for Cybersecurity and Pushes for ‘Resilience Pledge’

    UK unveils £90m cybersecurity funding at CYBERUK to boost SME resilience, promote Cyber Essentials and a new Cyber Resilience Pledge, sparking industry debate

  7. Surge in Silent Subject Phishing Attacks Targets VIP Users

    Null subject phishing campaigns bypass filters and target VIPs with QR code and RMM abuse

  8. Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang

    A former ransomware negotiator has pleaded guilty to abusing his position by working with noted cybercrime group BlackCat

  9. Researchers Uncover ProxySmart Software Powering 90+ SIM Farms

    Infrawatch says ProxySmart platform enables SIM farm activity at “industrial scale”

  10. UK Faces a Cyber ‘Perfect Storm’ Driven by Tech Advances and Nation State Threats, NCSC Warns

    The convergence of global tensions and rapid technological change is driving a new era of cyber risk, the NCSC warns

  11. Trojanized Android App Fuels New Wave of NFC Fraud

    NGate malware abuses HandyPay app to steal NFC card data and PINs in Brazil

  12. The Gentlemen Ransomware Expands With Rapid Affiliate Growth

    Gentlemen RaaS expands quickly with multi-platform attacks and SystemBC-linked infections

  13. Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

    Data exposure, operational disruption and financial losses among issues faced by businesses struggling with the rapid rise of AI agents, warns Cloud Security Alliance report

  14. Vercel Confirms Cyber Incident After Sophisticated Attacker Exploits Third‑Party Tool

    Cloud app developer Vercel appears to have suffered a security breach

  15. North Korea Blamed for $290m KelpDAO Crypto Heist

    North Korea’s Lazarus Group is pegged for a $290m crypto theft at KelpDAO

  16. ZionSiphon Malware Targets Water Infrastructure Systems

    ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities

  17. Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection

    Formbook attacks use combination of DLL Side-Loading and Obfuscated JavaScript to stay hidden, researchers at WatchGuard have uncovered

  18. Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

    FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices

  19. NCSC Outlines Coordinated Plan to Boost NHS Cyber Resilience

    The National Cyber Security Centre has shared an update of its resilience-building efforts for the NHS

  20. Crypto Exchange Grinex Blames Western Spies for $13m Theft

    Russian crypto-exchange Grinex claims Western intelligence agencies were behind a $13m heist

Why Not Watch?

  1. How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

  2. How Trusted Time Strengthens Network Security

  3. Securing M365 Data and Identity Systems Against Modern Adversaries

  4. How to Recover From a Cyber-Attack: A Step-by-Step Playbook

What’s Hot on Infosecurity Magazine?