Infosecurity News

  1. Hidden Text Salting Disrupts Brand Name Detection Systems

    A new phishing tactic has been identified by Cisco Talos, using hidden text salting to evade email security measures

  2. New Phishing Campaign Targets Mobile Devices with Malicious PDFs

    A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials

  3. SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short

    Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks

  4. CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks

    74% of CISOs plan to increase their cyber crisis simulation budgets in 2025

  5. Subaru Bug Enabled Remote Vehicle Tracking and Hijacking

    A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars

  6. Change Healthcare Breach Almost Doubles in Size to 190 Million Victims

    Change Healthcare has claimed 190 million customers were affected by a mega-breach last year

  7. AWS Announces £5m Grant for Cyber Education in the UK

    Amazon Web Services has launched its Cyber Education Grant Program in the UK

  8. Russian Scammers Target Crypto Influencers with Infostealers

    Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals

  9. North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns

    A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion

  10. Ransomware Gangs Linked by Shared Code and Ransom Notes

    SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure

  11. Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances

    Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment

  12. Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud

    Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams

  13. CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

    Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ

  14. Cisco Fixes Critical Vulnerability in Meeting Management

    The network equipment giant urged customers to patch immediately

  15. New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing

    Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security

  16. Trump Pardons Silk Road Founder Ulbricht

    President Trump has pardoned the founder of original dark web marketplace Silk Road

  17. PlushDaemon APT Targeted South Korean VPN Software

    PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign

  18. Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures

    Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA

  19. 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years

    New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years

  20. Ransomware Attacks Surge to Record High in December 2024

    NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded

Why not watch?

  1. Alert Fatigue: What Are You and Your Security Teams Missing?

  2. Dispelling the Myths of Defense-Grade Cybersecurity

  3. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  4. Enhancing Software Supply Chain Management: A DORA-Focused Approach

What’s hot on Infosecurity Magazine?