Infosecurity News

  1. Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative

    CrowdStrike unveiled a new Chinese-aligned hacking group allegedly spying on telecom providers

  2. Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities

    Apple has urged customers to download the security updates, which address vulnerabilities relating to the JavaScriptCore and WebKit frameworks

  3. OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs

    OWASP has updated its Top 10 list of risks for LLMs and GenAI, upgrading several areas and introducing new categories

  4. Hackers Hijack Jupyter Servers for Sport Stream Ripping

    Aqua Security has observed threat actors using compromised Jupyter servers in a bid to illegally stream sporting events

  5. One Deepfake Digital Identity Attack Strikes Every Five Minutes

    Entrust claims deepfakes are driving a surge in digital identity fraud

  6. Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks

    Ransomware groups are targeting weekends and holidays to exploit understaffed security teams in order to get the best chance of a pay day

  7. CISA Chief Jen Easterly Set to Step Down on January 20

    Easterly and her Deputy Director Nitin Natarajan are expected to leave office before President-elect Trump names a new leadership

  8. T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms

    T-Mobile was hit by Salt Typhoon, a Chinese cyber-espionage group targeting US and global telecom firms

  9. Helldown Ransomware Expands to Target VMware and Linux Systems

    Helldown ransomware has expanded its reach to target Linux and VMware systems, exploiting Zyxel firewall vulnerabilities and exfiltrating data

  10. Palo Alto Networks Patches Critical Firewall Vulnerability

    Palo Alto advised users to patch urgently as the vulnerability is critical and actively exploited in the wild

  11. Ransomware Gangs on Recruitment Drive for Pen Testers

    Ransomware groups are recruiting pen testers from the dark web to expand their operations, as revealed by Cato Network's Q3 2024 SASE Threat Report

  12. Suspected Phobos Ransomware Admin Extradited to US

    A Russian national suspected of involvement in Phobos ransomware has appeared in court in the US

  13. Companies Take Over Seven Months to Recover From Cyber Incidents

    Fastly claims global organizations are taking 25% longer than expected to recover from security incidents

  14. Swiss Cyber Agency Warns of QR Code Malware in Mail Scam

    Switzerland’s National Cyber Security Centre has warned of a new QR code scam in fake MeteoSwiss letters spreading Android malware

  15. ‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

    Proofpoint researchers have observed the growing use of the ClickFix social engineering tactic, which lures people into running malicious content on their computer

  16. Fake Donald Trump Assassination Story Used in Phishing Scam

    A phishing email claims to be from the New York Times with a story about an assassination attempt against President-elect Donald Trump

  17. Surge in DocuSign Phishing Attacks Target US State Contractors

    Phishing attacks using DocuSign impersonations targeting state agencies have surged 98% since Nov 8

  18. North Korean IT Worker Network Tied to BeaverTail Phishing Campaign

    BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found

  19. FTC Records 50% Drop in Nuisance Calls Since 2021

    The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021

  20. UK Shoppers Lost £11.5m Last Christmas, NCSC Warns

    The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023

What’s hot on Infosecurity Magazine?