Infosecurity News

  1. Modular "AlienFox" Toolkit Used to Steal Cloud Service Credentials

    Harvesting API keys and secrets from AWS SES, Microsoft Office 365 and other services

  2. New Azure Flaw "Super FabriXss" Enables Remote Code Execution Attacks

    The cross-site scripting flaw affects SFX version 9.1.1436.9590 or earlier and has a CVSS of 8.2

  3. UK Regulator: HIV Data Protection Must Improve

    ICO issues call after reprimanding NHS Highland

  4. GCHQ Updates Security Guidance for Boards

    Agency wants business leaders to get serious about cyber

  5. Ukrainian Police Bust Multimillion-Dollar Phishing Gang

    More than 100 sites created to lure European victims

  6. North Korean Hackers Use Trojanized 3CX DesktopApp in Supply Chain Attacks

    Windows and Mac versions of the software were compromised to deliver infostealers

  7. Over 70% of Employees Keep Work Passwords on Personal Devices

    95% of security leaders are also concerned about phishing attacks via private messaging apps

  8. FDA Protects Medical Devices Against Cyber-Threats With New Measures

    New medical devices applications should "monitor, identify, and address" cybersecurity issues

  9. Volume of HTTPS Phishing Sites Surges 56% Annually

    Scammers are increasingly trying to legitimize their efforts

  10. NCA Celebrates Multimillion-Pound Fraud Takedowns

    Agency says it has seized hundreds of assets in month-long operation

  11. Thieves Steal $9m from Crypto Liquidity Pool

    SafeMoon claims exploited vulnerability was to blame

  12. Google Warns Against Commercial Spyware Exploiting Zero-Days

    Spyware vendors facilitated the spread of malware by government-backed threat actors

  13. Clop Ransomware Group Exploits GoAnywhere MFT Flaw

    The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US

  14. Attacks Targeting APIs Increased By 400% in Last Six Months

    The new Salt Security report found that 80% of attacks happened over authenticated APIs

  15. ChatGPT Vulnerability May Have Exposed Users’ Payment Information

    The breach was caused by a bug in an open-source library

  16. Tech Industry Bids to Tackle Cyber-Mercenary Epidemic

    New principles designed to disrupt and limit a rapidly growing market

  17. Just 1% of Cloud Permissions Are Actively Used

    Microsoft warns of "permissions gap" security threat

  18. Experts Warn of Self-Funding North Korean Group APT43

    Mandiant says unit is focused on espionage and crypto theft

  19. Clipboard-Injector Attacks Target Cryptocurrency Users

    The malware campaign relying on this technique was observed abusing Tor Browser installers

  20. Apple Releases Security Patches For Older iPhone and iPad Models

    The vulnerability refers to a type confusion bug in the WebKit browser engine

Why not watch?

  1. Dispelling the Myths of Defense-Grade Cybersecurity

  2. Identifying Concentration Risk and Securing the Supply Chain

  3. How to Manage Your Risks and Protect Your Financial Data

  4. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

What’s hot on Infosecurity Magazine?