Infosecurity News

  1. CISA Adds Critical RocketMQ Bug to Must-Patch List

    Apache flaw can enable remote command execution

  2. Apple Patches Two Zero-Days Exploited in Pegasus Attacks

    Users of iOS devices urged to enable lockdown mode

  3. API Vulnerabilities: 74% of Organizations Report Multiple Breaches

    The Traceable report is based on insights from 1629 cybersecurity experts across the US, UK and EU

  4. DGA Behavior Shifts Raise Cybersecurity Concerns

    Akamai found domain shifts of 50 days from expected dates, suggesting hacker-driven confusion

  5. Zero-Day Flaw Exposes Atlas VPN User IPs

    The exploit code, shared by a researcher on Reddit, demonstrates the issue

  6. UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware

    These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned

  7. IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary

    The attackers may have accessed sensitive patient information, such as health insurance and medication details

  8. Chinese Hacker Steals Microsoft Signing Key, Spies on US Government

    The threat actor used the stolen key to breach 25 organizations, including US government agencies

  9. Think Tank Urges Labour to Promote “Securonomics” Agenda

    Progressive Britain wants the party to borrow from US security strategy

  10. Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign

    Users are first targeted by Facebook adverts

  11. UK Government Backs Down on Anti-Encryption Stance

    Statement to Lords heralds delay to on-device message scanning

  12. MITRE and CISA Release OT Attack Emulation Tool

    The open source tool will enable cyber teams to consistently test and boost the defenses of ICS environments

  13. Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

    The attack has been carried out using legitimate services and standard software functions, CERT-UA observed

  14. High-Severity Vulnerability Discovered in Popular CMS

    The unpatched bug in PHPFusion could result in the theft of sensitive data, Synopsys researchers warn

  15. UK Boards Are Growing Less Concerned About Cyber-Risk

    Their global peers feel the opposite, according to Proofpoint study

  16. Experts Uncover Underground Phishing “Empire” W3LL

    Secretive group specifically targets Microsoft 365 accounts

  17. Crypto Casino Stake.com Back Online After $40m Heist

    Hot wallets were compromised at firm

  18. Mend.io SAML Vulnerability Exposed

    SAML flaw enabled rogue customers to access others’ SaaS data

  19. Airlines Battle Surge in Loyalty Program Fraud

    Group-IB said 2022 saw 30% more loyalty fraud, impacting 75+ airlines and involving 2000 malicious sources

  20. UK Electoral Commission Fails Cybersecurity Test Amid Data Breach

    Auditors cited outdated software and unsupported iPhones as key reasons for the failed test
