Infosecurity News

  1. Turkey-Aligned Hackers Targeted Iraq-Based Kurds with Zero-Day Exploit

    Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft

  2. DPRK-Backed TA406 Targets Ukraine With Malware Campaigns

    Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities

  3. CISA Shifts Alert Distribution Strategy to Email, Social Media

    CISA won't post standard cybersecurity updates on its website, shifting to email and social media

  4. European Vulnerability Database Launches Amid US CVE Chaos

    ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive

  5. M&S Confirms Customer Data Stolen in Cyber-Attack

    M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors

  6. UK Considers New Enterprise IoT Security Law

    The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security

  7. Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat

    Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage

  8. Criminal Proxy Network Infects Thousands of IoT Devices

    The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet

  9. #Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks

    During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks

  10. EU Launches Free Entry-Level Cyber Training Program

    She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry

  11. FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets

    A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022

  12. Japanese Account Hijackers Make $2bn+ of Illegal Trades

    Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market

  13. German Police Shutter “eXch” Money Laundering Service

    Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch

  14. Google Deploys On-Device AI to Thwart Scams on Chrome and Android

    The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome

  15. UN Launches New Cyber-Attack Assessment Framework

    The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter

  16. FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers

    The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services

  17. PowerSchool Admits Ransom Payment Amid Fresh Extortion Demands

    PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted

  18. US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats

    Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action

  19. Russian Group Launches LOSTKEYS Malware in Attacks

    New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks

  20. LockBit Ransomware Hacked, Insider Secrets Exposed

    The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions

What’s hot on Infosecurity Magazine?