Infosecurity News

  1. Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting

    eSentire found the threat after detecting suspicious code in a manufacturing customer's network

  2. EU Urged to Prepare for Quantum Cyber-Attacks

    A discussion paper from the European Policy Centre sets out recommendations for an EU quantum cybersecurity agenda

  3. Russian Charged with Tech Smuggling and Money Laundering

    Man accused of aiding the Kremlin with dual-use tech

  4. Health Tech Vendor to Pay $31m After Kickback Allegations

    NextGen Healthcare was accused of violating False Claims Act

  5. Acting White House Cyber Director Withdraws Nomination

    Reports suggest personal debt behind Kemba Walden’s decision

  6. AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks

    Security expert Daniel Kelley worked with the SlashNext team on the research

  7. New Threat Actor Launches Cyber-attacks on Ukraine and Poland

    Cisco Talos said the malicious campaigns started in April 2022 and are currently ongoing

  8. LokiBot Malware Targets Windows Users in Office Document Attacks

    Fortinet suggests attackers are leveraging vulnerabilities like CVE-2021-40444 and CVE-2022-30190

  9. Chinese APT Favorite Backdoor Found in Pakistani Government App

    Trend Micro found a backdoor previously exploited by various Chinese threat actors in a popular application used by Pakistan’s government agencies

  10. NCSC Shares Alternatives to Using a SOC

    Security agency’s advice could help save time and money

  11. Ransomware Costs Financial Services $32bn in Five Years

    The figure accounts for losses due to downtime alone

  12. UK Financial Regulator Urges Banks to Tackle AI-Based Fraud

    Prime Minister wants UK to be a global center of AI regulation

  13. New CVSS Version Unveiled Amid Rising Cyber Threats

    FIRST has released details of version 4.0 of the standard, which aims to address criticisms of CVSS 3.1

  14. Mandiant Unveils Russian GRU's Cyber Playbook Against Ukraine

    Mandiant has observed that the same playbook has been used by various Russian threat actors since the breakout of war in Ukraine, making them likely to be part of a GRU-led deliberate strategy

  15. White House Publishes Plan to Implement US National Cybersecurity Strategy

    The plan details over 65 federal initiatives, each of which is assigned to a responsible agency

  16. US on Track For Record Number of Data Breaches

    Latest quarterly figures show compromises at an all-time high

  17. Fewer Than 100 Scammers Responsible For Global Email Extortion

    Barracuda research lifts the lid on widespread threat activity

  18. Chinese Threat Group Compromises US Government

    Threat actors forged authentication tokens to access email

  19. Diplomats in Ukraine Targeted by “Staggering” BMW Phishing Campaign

    Unit 42 researchers believe a Russian threat group repurposed a legitimate flyer for a BMW car sent to embassies in Kyiv, Ukraine

  20. Ethical Hackers Reveal How They Use Generative AI

    Bugcrowd’s report finds that many ethical hackers are utilizing generative AI in their work, but 72% argue it will never replace human creativity

Why not watch?

  1. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  2. How to Update Your PAM Strategy to Protect Hybrid Cloud Infrastructures

  3. Cyber Resilience in the AI Era: New Challenges and Opportunities

  4. Enhancing Software Supply Chain Management: A DORA-Focused Approach

What’s hot on Infosecurity Magazine?