Infosecurity News

  1. TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware

    The TA455 phishing campaign used fake job offers on LinkedIn to deploy malware

  2. Phishing Tool GoIssue Targets Developers on GitHub

    New phishing tool GoIssue targets GitHub, enabling mass phishing, and has been linked to the GitLoker extortion campaign

  3. CISOs Turn to Indemnity Insurance as Breach Pressure Mounts

    Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases

  4. New Citrix Zero-Day Vulnerability Allows Remote Code Execution

    watchTowr has found a flaw in Citrix’s Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops

  5. North Korea Hackers Leverage Flutter to Deliver macOS Malware

    Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware

  6. Energy Giant Halliburton Reveals $35m Ransomware Loss

    Halliburton has reported a $35m loss associated with an August ransomware breach

  7. WEF Introduces Framework to Strengthen Anti-Cybercrime Partnerships

    The World Economic Forum has shared recommendations on how to build on the success of existing partnerships to accelerate the disruption of cybercriminal activities

  8. New Remcos RAT Variant Targets Windows Users Via Phishing

    The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files

  9. Microsoft Visio Files Used in Sophisticated Phishing Attacks

    Researchers have uncovered a surge in phishing attacks using Visio .vsdx files to evade security scans

  10. EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise

    This year’s Blue OLEx cyber-attack drill was hosted in Italy and benefited from the new EU-CyCLONe for the first time

  11. Pensioners Warned Over Winter Fuel Payment Scam Texts

    The UK Regional Organised Crime Unit (ROCU) Network has urged the elderly to be on the lookout for scam texts offering a winter fuel subsidy

  12. Man Gets 12.5 Years for Running Bitcoin Fog Crypto Mixer

    Swedish-Russian national Roman Sterlingov has been jailed for 12 years and six months for operating notorious cryptocurrency mixer Bitcoin Fog

  13. Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine War

    South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine

  14. Major Oilfield Supplier Hit by Ransomware Attack

    International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems

  15. North Korean Actor Deploys Novel Malware Campaign Against Crypto Firms

    SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism

  16. Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach

    Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities

  17. Interlock Ransomware Targets US Healthcare, IT and Government Sectors

    Interlock employs both “big-game hunting” and double extortion tactics against its victims

  18. UK Regulator Urges Stronger Data Protection in AI Recruitment Tools

    An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised

  19. Canada Orders Shutdown of Local TikTok Branch Over Security Concerns

    TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada

  20. NCSC Publishes Tips to Tackle Malvertising Threat

    The UK’s National Cyber Security Centre has released malvertising guidance for brands and their ad partners

What’s hot on Infosecurity Magazine?