Infosecurity News

  1. Tech Giants Reveal Record-Breaking “Rapid Reset” DDoS Bug

    Zero-day has been exploited to launch largest attacks ever seen

  2. IZ1H9 Botnet Targets IoT Devices With New Exploits

    FortiGuard Labs said the new campaign incorporates 13 distinct payloads

  3. Flagstar Bank MOVEit Breach Affects 800K Customer Records

    The incident occurred between May 27 and 31 2023, before MOVEit Transfer vulnerability was publicly disclosed

  4. #CyberMonth: Google Makes Passkeys Default Sign-In Option

    The tech giant said the move is designed to help efforts to make passwords obsolete

  5. Half of CISOs Now Report to CEO as Influence Grows

    Trend is more pronounced in Europe than America

  6. New Threat Actor “Grayling” Blamed For Espionage Campaign

    Symantec highlights distinctive DLL sideloading technique

  7. Magecart Hackers Hide in 404 Error Pages

    Akamai spots new digital skimming campaign

  8. MGM Resorts Reveals Over $100M in Costs After Ransomware Attack

    In an SEC 8-K filing published last Thursday, the company cited operational disruptions

  9. Google Bug Bounty Program Expands to Chrome V8, Google Cloud

    Google has launched capture the flag (CTF) competitions focused on Chrome’s V8 JavaScript engine and Google Cloud’s kernel-based virtual machine (KVM)

  10. DNA Tester 23andMe Hit By Credential Stuffing Campaign

    Threat actor offers to sell DNA profiles of ‘millions’

  11. Blackbaud Settles Ransomware Breach Case For $49.5m

    Thousands of non-profit customers were affected

  12. Social Dominates as Victims Take $2.7bn Fraud Hit

    Social media is number one channel for fraud, says FTC

  13. AWS to Mandate Multi-Factor Authentication from 2024

    Move is designed to mitigate risk of account takeover

  14. Qakbot Gang Still Active Despite FBI Takedown

    Cisco Talos found new evidence that Qakbot-affiliated actors were still distributing ransomware despite the August FBI takedown of the threat group

  15. CISA and NSA Publish Top 10 Misconfigurations

    Data was compiled from real-world read and blue team engagements

  16. Apple Issues Emergency Patches for More Zero-Day Bugs

    One is being exploited in the wild

  17. CISA and NSA Tackle IAM Security Challenges in New Report

    The document is authored by the Enduring Security Framework

  18. Critical Glibc Bug Puts Linux Distributions at Risk

    Qualys identified and exploited the vulnerability in Fedora 37/38, Ubuntu 22.04/23.04, Debian 12/13

  19. China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks, Microsoft Warns

    Microsoft’s annual digital defense report found a rise in Chinese state-affiliated groups attempting to infiltrate sectors like medical infrastructure and telecommunication

  20. Record Numbers of Ransomware Victims Named on Leak Sites

    A new Secureworks report finds that 2023 is on course to be the biggest year on record for victim naming on ‘name and shame’ sites

Why not watch?

  1. Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

  2. How to Tackle Rising Cloud Identity Attacks

  3. Cybersecurity Employment: Making Sense of Conflicting Messaging

  4. AI Agents and the Evolving Landscape of Digital Identity

What’s hot on Infosecurity Magazine?