Infosecurity News
drIBAN Fraud Operations Target Corporate Banking Customers
The web injects allow cyber-criminals to manipulate legitimate web pages' content in real time
JumpCloud Confirms Data Breach By Nation-State Actor
The attack vector was identified as data injection into the firm's commands framework
Suspected Scareware Fraudster Arrested After Decade on the Run
Ukrainian said to have caused victim losses of $70m
WooCommerce Bug Exploited in Targeted WordPress Attacks
Wordfence claims over 157,000 sites have been hit so far
IT Security Pro Jailed for Attempted Extortion
Hertfordshire man pleaded guilty in May
BreachForums Admin Pleads Guilty to Hacking Charges
The guilty plea also covered a separate count of possession of child pornography
Ukraine's CERT-UA Exposes Gamaredon's Rapid Data Theft Methods
The group utilize malware like GAMMASTEEL to rapidly exfiltrate files within 30-50 minutes
Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting
eSentire found the threat after detecting suspicious code in a manufacturing customer's network
EU Urged to Prepare for Quantum Cyber-Attacks
A discussion paper from the European Policy Centre sets out recommendations for an EU quantum cybersecurity agenda
Russian Charged with Tech Smuggling and Money Laundering
Man accused of aiding the Kremlin with dual-use tech
Health Tech Vendor to Pay $31m After Kickback Allegations
NextGen Healthcare was accused of violating False Claims Act
Acting White House Cyber Director Withdraws Nomination
Reports suggest personal debt behind Kemba Walden’s decision
AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks
Security expert Daniel Kelley worked with the SlashNext team on the research
New Threat Actor Launches Cyber-attacks on Ukraine and Poland
Cisco Talos said the malicious campaigns started in April 2022 and are currently ongoing
LokiBot Malware Targets Windows Users in Office Document Attacks
Fortinet suggests attackers are leveraging vulnerabilities like CVE-2021-40444 and CVE-2022-30190
Chinese APT Favorite Backdoor Found in Pakistani Government App
Trend Micro found a backdoor previously exploited by various Chinese threat actors in a popular application used by Pakistan’s government agencies
NCSC Shares Alternatives to Using a SOC
Security agency’s advice could help save time and money
Ransomware Costs Financial Services $32bn in Five Years
The figure accounts for losses due to downtime alone
UK Financial Regulator Urges Banks to Tackle AI-Based Fraud
Prime Minister wants UK to be a global center of AI regulation
New CVSS Version Unveiled Amid Rising Cyber Threats
FIRST has released details of version 4.0 of the standard, which aims to address criticisms of CVSS 3.1