Sites

The BianLian ransomware group has shifted exclusively to exfiltration-based extortion and is deploying multiple new TTPs for initial access and persistence

#cisa #infosec #Ransomware #cybersecurity

15h ago

From infosecurity-magazine.com

Gatwick Airport's Cybersecurity Chief on Supply Chain Risks

1 1

Gatwick Airport’s Head of Cyber Security, Megan Poortman, discusses supply chain challenges and dealing with the CrowdStrike IT outage in July 2024

#infosec #crowdstrike #cybersecurity

16h ago

From infosecurity-magazine.com

A Fifth of UK Enterprises “Not Sure” If NIS2 Applies

1 1

Over a fifth of large UK businesses aren’t sure of their compliance responsibilities under the new NIS2 directive

19h ago

From infosecurity-magazine.com

Five Charged in Scattered Spider Case

1 1

Five men have been indicted in connection with crimes committed by the Scattered Spider group

20h ago

From infosecurity-magazine.com

FTC Records 50% Drop in Nuisance Calls Since 2021

1 2

The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021

on Mon, 11AM

From infosecurity-magazine.com

API Security in Peril as 83% of Firms Suffer Incidents

1 1

Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000

on Nov 14

From infosecurity-magazine.com

AI Threat to Escalate in 2025, Google Cloud Warns

1 1

2025 could see our biggest AI fears materialize, according to a Google Cloud forecast report

on Nov 13

From infosecurity-magazine.com

Five Privilege Escalation Flaws Found in Ubuntu needrestart

0 1

Five LPE flaws in Ubuntu’s needrestart utility enable attackers to gain root access in versions prior to 3.8

on Wed, 7PM

From infosecurity-magazine.com

60% of Emails with QR Codes Classified as Spam or Malicious

0 1

60% of QR code emails are spam according findings from Cisco Talos, who also identified attackers using QR code art to bypass security filters

on Wed, 5PM

From infosecurity-magazine.com

Chinese APT Group Targets Telecom Firms Linked to BRI

0 1

CrowdStrike unveiled a new Chinese-aligned hacking group allegedly spying on telecom providers

on Wed, 2PM

From infosecurity-magazine.com

Apple Issues Emergency Security Update for Actively Exploited Flaws

0 3

Apple has urged customers to download the security updates, which address vulnerabilities relating to the JavaScriptCore and WebKit frameworks

on Wed, 12PM

From infosecurity-magazine.com

OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List

0 2

OWASP has updated its Top 10 list of risks for LLMs and GenAI, upgrading several areas and introducing new categories

on Wed, 12PM

From infosecurity-magazine.com

Hackers Hijack Jupyter Servers for Sport Stream Ripping

0 3

Aqua Security has observed threat actors using compromised Jupyter servers in a bid to illegally stream sporting events

on Wed, 11AM

From infosecurity-magazine.com

One Deepfake Digital Identity Attack Hits Every Five Minutes

0 2

Entrust claims deepfakes are driving a surge in digital identity fraud

on Wed, 10AM

From infosecurity-magazine.com

Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks

0 2

Ransomware groups are targeting weekends and holidays to exploit understaffed security teams in order to get the best chance of a pay day

on Wed, 10AM

From infosecurity-magazine.com

CISOs Turn to Indemnity Insurance as Breach Pressure Mounts

0 1

Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases

on Wed, 9AM

From infosecurity-magazine.com

Helldown Ransomware Expands to Target VMware and Linux Systems

0 1

Helldown ransomware has expanded its reach to target Linux and VMware systems, exploiting Zyxel firewall vulnerabilities and exfiltrating data

on Tue, 6PM

From infosecurity-magazine.com

Palo Alto Networks Patches Critical Firewall Vulnerability

0 1

Palo Alto advised users to patch urgently as the vulnerability is critical and actively exploited in the wild

on Tue, 5PM

From infosecurity-magazine.com

Ransomware Gangs on Recruitment Drive for Pen Testers

0 2

Ransomware groups are recruiting pen testers from the dark web to expand their operations, as revealed by Cato Network's Q3 2024 SASE Threat Report

on Tue, 3PM

From infosecurity-magazine.com

Suspected Phobos Ransomware Admin Extradited to US

0 1

A Russian national suspected of involvement in Phobos ransomware has appeared in court in the US

on Tue, 11AM

From infosecurity-magazine.com

Companies Take Over Seven Months to Recover From Cyber Incidents

0 2

Fastly claims global organizations are taking 25% longer than expected to recover from security incidents

on Tue, 11AM

From infosecurity-magazine.com

Swiss Cyber Agency Warns of QR Code Malware in Mail Scam

0 1

Switzerland’s National Cyber Security Centre has warned of a new QR code scam in fake MeteoSwiss letters spreading Android malware

on Mon, 6PM

From infosecurity-magazine.com

‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

0 2

Proofpoint researchers have observed the growing use of the ClickFix social engineering tactic, which lures people into running malicious content on their computer

on Mon, 6PM

From infosecurity-magazine.com

Fake Donald Trump Assassination Story Used in Phishing Scam

0 2

A phishing email claims to be from the New York Times with a story about an assassination attempt against President-elect Donald Trump

on Mon, 4PM

From infosecurity-magazine.com

Surge in DocuSign Phishing Attacks Target US State Contractors

0 3

Phishing attacks using DocuSign impersonations targeting state agencies have surged 98% since Nov 8

on Mon, 2PM

From infosecurity-magazine.com

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign

0 2

BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found

on Mon, 1PM

From infosecurity-magazine.com

NCSC Warns UK Shoppers Lost £11.5m Last Christmas

0 1

The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023

on Mon, 10AM

From infosecurity-magazine.com

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Act

0 3

The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation

on Fri, 5PM

From infosecurity-magazine.com

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

0 2

Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins

on Fri, 3PM

From infosecurity-magazine.com

Ransomware Groups Use Cloud Services For Data Exfiltration

0 4

SentinelOne described some of ransomware groups’ favorite techniques for targeting cloud services

on Fri, 2PM

From infosecurity-magazine.com

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

0 2

The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October

on Fri, 1PM

From infosecurity-magazine.com

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

0 2

O2 has deployed an AI-powered

on Fri, 10AM

From infosecurity-magazine.com

Sitting Ducks DNS Attacks Put Global Domains at Risk

0 1

Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations

on Nov 14

From infosecurity-magazine.com

Microsoft Power Pages Misconfiguration Leads to Data Exposure

0 0

Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users

on Nov 14

From infosecurity-magazine.com

Bank of England U-turns on Vulnerability Disclosure Rules

0 1

The UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities

on Nov 14

From infosecurity-magazine.com

Microsoft Fixes Four More Zero-Days in November Patch Tuesday

0 0

Microsoft has addressed four zero-day vulnerabilities this month, two of which have been exploited

on Nov 13

From infosecurity-magazine.com

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns

0 0

Hive0145 is targeting Spain, Germany, Ukraine with Strela Stealer malware in invoice phishing tactic

on Nov 13

From infosecurity-magazine.com

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

0 1

Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection

on Nov 13

From infosecurity-magazine.com

Amazon MOVEit Leaker Claims to Be Ethical Hacker

0 0

An individual who posted data allegedly stolen via MOVEit from Amazon and other big-name firms claims not to be malicious

on Nov 13

From infosecurity-magazine.com

TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware

0 0

The TA455 phishing campaign used fake job offers on LinkedIn to deploy malware

on Nov 12

From infosecurity-magazine.com

Energy Giant Halliburton Reveals $35m Ransomware Loss

0 0

Halliburton has reported a $35m loss associated with an August ransomware breach

on Nov 12

From infosecurity-magazine.com

New Remcos RAT Variant Targets Windows Users Via Phishing

0 0

The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files

on Nov 11

From infosecurity-magazine.com

WEF Launches New Framework to Combat Cybercrime

0 0

The World Economic Forum has shared recommendations on how to build on the success of existing partnerships to accelerate the disruption of cybercriminal activities

on Nov 11

From infosecurity-magazine.com

Microsoft Visio Files Used in Sophisticated Phishing Attacks

0 0

Researchers have uncovered a surge in phishing attacks using Visio .vsdx files to evade security scans

on Nov 11

From infosecurity-magazine.com

EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise

0 1

This year’s Blue OLEx cyber-attack drill was hosted in Italy and benefited from the new EU-CyCLONe for the first time

on Nov 11

From infosecurity-magazine.com

Pensioners Warned Over Winter Fuel Payment Scam Texts

0 0

The UK Regional Organised Crime Unit (ROCU) Network has urged the elderly to be on the lookout for scam texts offering a winter fuel subsidy

on Nov 11