Infosecurity News

  1. Evil Telegram Mods Removed From Google Play

    Researchers warn of spyware hidden in legitimate-looking apps

  2. China Unleashes AI-Powered Image Generation For Influence Operations

    The findings come from a new report released by Microsoft Threat Analysis Center on Thursday

  3. Cyber-criminals Exploit GPUs in Graphic Design Software

    Cisco Talos reported that the campaign has been active since at least November 2021

  4. Google TAG Exposes North Korean Campaign Targeting Researchers

    The team has discovered the exploitation of at least one zero-day flaw in the last few weeks

  5. Russian Man Handed Nine-Year Sentence for Hacking Scheme

    Vladislav Klyushin hacked into US filing agents to discover non-public information about hundreds of companies on the US stock exchange

  6. Regulator to Investigate Fertility App Security Concerns

    ICO reveals over half of women are worried about their data

  7. CISA Adds Critical RocketMQ Bug to Must-Patch List

    Apache flaw can enable remote command execution

  8. Apple Patches Two Zero-Days Exploited in Pegasus Attacks

    Users of iOS devices urged to enable lockdown mode

  9. API Vulnerabilities: 74% of Organizations Report Multiple Breaches

    The Traceable report is based on insights from 1629 cybersecurity experts across the US, UK and EU

  10. DGA Behavior Shifts Raise Cybersecurity Concerns

    Akamai found domain shifts of 50 days from expected dates, suggesting hacker-driven confusion

  11. Zero-Day Flaw Exposes Atlas VPN User IPs

    The exploit code, shared by a researcher on Reddit, demonstrates the issue

  12. UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware

    These new sanctions follow a first wave in February 2023, where seven Russians involved with Trickbot and Conti were also sanctioned

  13. IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary

    The attackers may have accessed sensitive patient information, such as health insurance and medication details

  14. Chinese Hacker Steals Microsoft Signing Key, Spies on US Government

    The threat actor used the stolen key to breach 25 organizations, including US government agencies

  15. Think Tank Urges Labour to Promote “Securonomics” Agenda

    Progressive Britain wants the party to borrow from US security strategy

  16. Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign

    Users are first targeted by Facebook adverts

  17. UK Government Backs Down on Anti-Encryption Stance

    Statement to Lords heralds delay to on-device message scanning

  18. MITRE and CISA Release OT Attack Emulation Tool

    The open source tool will enable cyber teams to consistently test and boost the defenses of ICS environments

  19. Russia-Backed APT28 Tried to Attack a Ukrainian Critical Power Facility

    The attack has been carried out using legitimate services and standard software functions, CERT-UA observed

  20. High-Severity Vulnerability Discovered in Popular CMS

    The unpatched bug in PHPFusion could result in the theft of sensitive data, Synopsys researchers warn

Why not watch?

  1. The Threat Intelligence Imperative: Transforming Risk into Cyber Resilience

  2. Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

  3. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  4. Cyber Resilience in the AI Era: New Challenges and Opportunities

What’s hot on Infosecurity Magazine?