Infosecurity News

  1. drIBAN Fraud Operations Target Corporate Banking Customers

    The web injects allow cyber-criminals to manipulate legitimate web pages' content in real time

  2. JumpCloud Confirms Data Breach By Nation-State Actor

    The attack vector was identified as data injection into the firm's commands framework

  3. Suspected Scareware Fraudster Arrested After Decade on the Run

    Ukrainian said to have caused victim losses of $70m

  4. WooCommerce Bug Exploited in Targeted WordPress Attacks

    Wordfence claims over 157,000 sites have been hit so far

  5. IT Security Pro Jailed for Attempted Extortion

    Hertfordshire man pleaded guilty in May

  6. BreachForums Admin Pleads Guilty to Hacking Charges

    The guilty plea also covered a separate count of possession of child pornography

  7. Ukraine's CERT-UA Exposes Gamaredon's Rapid Data Theft Methods

    The group utilize malware like GAMMASTEEL to rapidly exfiltrate files within 30-50 minutes

  8. Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting

    eSentire found the threat after detecting suspicious code in a manufacturing customer's network

  9. EU Urged to Prepare for Quantum Cyber-Attacks

    A discussion paper from the European Policy Centre sets out recommendations for an EU quantum cybersecurity agenda

  10. Russian Charged with Tech Smuggling and Money Laundering

    Man accused of aiding the Kremlin with dual-use tech

  11. Health Tech Vendor to Pay $31m After Kickback Allegations

    NextGen Healthcare was accused of violating False Claims Act

  12. Acting White House Cyber Director Withdraws Nomination

    Reports suggest personal debt behind Kemba Walden’s decision

  13. AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks

    Security expert Daniel Kelley worked with the SlashNext team on the research

  14. New Threat Actor Launches Cyber-attacks on Ukraine and Poland

    Cisco Talos said the malicious campaigns started in April 2022 and are currently ongoing

  15. LokiBot Malware Targets Windows Users in Office Document Attacks

    Fortinet suggests attackers are leveraging vulnerabilities like CVE-2021-40444 and CVE-2022-30190

  16. Chinese APT Favorite Backdoor Found in Pakistani Government App

    Trend Micro found a backdoor previously exploited by various Chinese threat actors in a popular application used by Pakistan’s government agencies

  17. NCSC Shares Alternatives to Using a SOC

    Security agency’s advice could help save time and money

  18. Ransomware Costs Financial Services $32bn in Five Years

    The figure accounts for losses due to downtime alone

  19. UK Financial Regulator Urges Banks to Tackle AI-Based Fraud

    Prime Minister wants UK to be a global center of AI regulation

  20. New CVSS Version Unveiled Amid Rising Cyber Threats

    FIRST has released details of version 4.0 of the standard, which aims to address criticisms of CVSS 3.1

Why not watch?

  1. Safeguarding Critical Supply Chain Data Through Effective Risk Assessment

  2. Mastering Emerging Regulations: DORA, NIS2 and AI Act Compliance

  3. Mainframe Security: Identifying Threats, Vulnerabilities and Risk Mitigation Strategies

  4. From Code to Chaos: How AI Is Weaponizing the Cyber Battlefield

What’s hot on Infosecurity Magazine?