Infosecurity News
Researchers Warn of Security Gaps in AI Browsers
A new report from SquareX Labs highlights security weaknesses in AI browsers like Comet, revealing new cyber-risks
ClayRat Spyware Campaign Targets Android Users in Russia
A new ClayRat spyware campaign has been observed targeting Russian users via fake apps on Telegram and exfiltrating data
All SonicWall Cloud Backup Users Have Firewall Configuration Files Stolen
SonicWall said that a threat actor has accessed files containing encrypted credentials and configuration data for all customers who have used its cloud backup service
ICO’s £7.5m Clearview AI Fine a Step Closer After Legal Victory
The ICO has won an Upper Tribunal appeal against Clearview AI over its ability to fine the company
NCSC: Observability and Threat Hunting Must Improve
The UK’s National Cyber Security Centre has released new guidance to help firms improve observability and threat hunting
High Number of Windows 10 Users Remain as End-of-Life Looms
A new report from TeamViewer found that 40% of global endpoints still run Windows 10, just days before security updates and support ends for the operating system
Nezha Tool Used in New Cyber Campaign Targeting Web Applications
A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT
Digital Fraud Costs Companies Worldwide 7.7% of Annual Revenue
According to TransUnion, digital fraud has cost companies $534bn in losses globally with US business hit hardest
Cyber-Attack Contributes to Huge Sales Drop at JLR
Jaguar Land Rover has reported a 25% drop in volume sales in the three months up to September 30, largely due to the impact of the ongoing cyber incident
Bybit Theft Drives Record-Breaking $2bn Haul for North Korea
North Korean hackers have stolen over $2bn in cryptocurrency already this year, says Elliptic
Met Police Arrest Two Teens in Connection with Kido Attack
Two 17-year-olds have been arrested following a cyber-attack on the Kido nursery group
Qilin Ransomware Gang Claims Asahi Cyber-Attack
The Qilin group claims to have stolen sensitive personal and proprietary data from the Brewer
Critical Flaw Exposes 60,000 Redis Servers to Remote Exploitation
A critical Redis flaw, dubbed “RediShell,” has exposed 60,000 unprotected servers to exploitation
Qilin Claims Ransomware Attack on Mecklenburg Schools
The Qilin ransomware gang has claimed attacks at Mecklenburg County Public Schools, stealing financial records and childrens’ medical files
Discord Reveals Data Breach Following Third-Party Compromise
Discord said a third-party customer services provider was compromised to access user data, with the attackers aiming to extort a financial ransom
NCSC: Patch Critical Oracle EBS Bug Now
A critical Oracle E-Business Suite vulnerability is being actively exploited by the Clop ransomware group
Microsoft: Critical GoAnywhere Bug Exploited in Medusa Ransomware Campaign
A critical GoAnywhere vulnerability is being exploited by the Medusa ransomware group, says Microsoft
Europol Calls for Stronger Data Laws to Combat Cybercrime
Europol’s Cybercrime Conference has warned that cybercriminals are exploiting new technologies faster than law enforcement can adapt
Ransomware Group “Trinity of Chaos” Launches Data Leak Site
A new TOR data leak site published by the Trinity of Chaos ransomware group unveils 39 firms’ data and threatens Salesforce litigation
Scanning of Palo Alto Portals Surges 500%
Experts warn that threat actors may be gearing up for compromise after large uptick in scans of Palo Alto Network portals