Infosecurity News

  1. British Library: Ransomware Recovery Could Take Months

    Famed institution warns of ongoing disruption

  2. CSA Launches First Zero Trust Certification

    The CCZT program incorporates foundational principles from leading sources such as CISA and NIST

  3. Cyber-Criminals Exploit Gaza Crisis With Fake Charity

    Attackers sought crypto donations of $100-$5000 using Bitcoin, Litecoin and Ethereum addresses

  4. Russian Hacking Group Sandworm Linked to Unprecedented Attack on Danish Critical Infrastructure

    A report described the coordinated attack, in which 22 critical infrastructure firms were targeted

  5. Black Friday: Malwarebytes Warns of Credit Card Skimming Surge

    Skimming threat actors ramp up their activity just in time for the holiday season

  6. Half of Ransomware Groups Operating in 2023 Are New

    WithSecure report highlights widespread code reuse

  7. BlackCat Ransomware Group Reports Victim to SEC

    ALPHV/BlackCat tries unusual extortion technique

  8. European Police Take Down $9m Vishing Gang

    Fraudsters operated from Ukrainian call centers

  9. US Government Unveils First AI Roadmap For Cybersecurity

    The initiative aligns with President Biden’s recent Executive Order

  10. BlackCat Ransomware Gang Targets Businesses Via Google Ads

    Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth

  11. UK Privacy Regulator Issues Black Friday Smart Device Warning

    Consumers urged to think before they buy connected technology

  12. Microsoft Fixes Five Zero-Day Vulnerabilities

    Patch Tuesday includes fixes for three actively exploited bugs

  13. US Dismantles IPStorm Botnet Proxy Service

    Russian-Moldovan national faces maximum 30-year jail stretch

  14. Python Package Index Faces Security Crisis With Validated Leaks

    2922 projects contained at least one unique secret, including from AWS, Redis and Google

  15. 82% of Attacks Show Cyber-Criminals Targeting Telemetry Data

    Sophos report based on 232 IR cases across 25 sectors from January 1 2022 to June 30 2023

  16. Pro-Palestine APT Group Uses Novel Downloader in New Campaign

    TA402 launches new targeted phishing campaigns

  17. Royal Ransomware Gang Demands $275m in a Year

    CISA highlights links to newer Blacksuit variant

  18. NCSC: UK Facing “Enduring and Significant” Cyber-Threat

    Critical infrastructure providers under pressure from state-backed groups

  19. Information-Stealing Malware Escalates in Online Gaming

    A report by Sekoia.io shed light on a targeted campaign using Discord and fake download websites

  20. Python Malware Poses DDoS Threat Via Docker API Misconfiguration

    Cado Security Labs said the bot agent exhibited various methods for conducting DDoS attacks

Why Not Watch?

  1. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  2. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

What’s Hot on Infosecurity Magazine?