Infosecurity News

  1. Clop Ransomware Group Exploits GoAnywhere MFT Flaw

    The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US

  2. Attacks Targeting APIs Increased By 400% in Last Six Months

    The new Salt Security report found that 80% of attacks happened over authenticated APIs

  3. ChatGPT Vulnerability May Have Exposed Users’ Payment Information

    The breach was caused by a bug in an open-source library

  4. Tech Industry Bids to Tackle Cyber-Mercenary Epidemic

    New principles designed to disrupt and limit a rapidly growing market

  5. Just 1% of Cloud Permissions Are Actively Used

    Microsoft warns of "permissions gap" security threat

  6. Experts Warn of Self-Funding North Korean Group APT43

    Mandiant says unit is focused on espionage and crypto theft

  7. Clipboard-Injector Attacks Target Cryptocurrency Users

    The malware campaign relying on this technique was observed abusing Tor Browser installers

  8. Apple Releases Security Patches For Older iPhone and iPad Models

    The vulnerability refers to a type confusion bug in the WebKit browser engine

  9. France Bans TikTok, Other 'Fun' Apps From Government Devices

    The move is expected to affect roughly 2.5 million government officials

  10. Four Years Behind Bars for Prolific BEC Scammer

    Solomon Ekunke Okpe and others made over $1m from online fraud

  11. Call for Submissions to UK's New Computer Misuse Act

    Bugcrowd is concerned about a lack of protection for ethical hackers

  12. US Moves to Ban "Anti-Democratic" Spyware

    White House says use of tools must be aligned with human rights

  13. Microsoft Fixes Security Flaw in Windows Screenshot Tools

    Information disclosure vulnerability aCropalypse could enable malicious actors to recover sections of screenshots

  14. Three Variants of IcedID Malware Discovered

    The new variants hint that considerable effort is going into the future of IcedID and its codebase

  15. New MacStealer Targets Catalina, Newer MacOS Versions

    The malware can extract information from documents, browser cookies and login information

  16. NCA Harvests Info on DDoS-For-Hire With Fake Booter Sites

    Agency attempts to disrupt the cybercrime underground

  17. New BEC Tactics Enable Fake Asset Purchases

    FBI warns of scammers using Net-30 and Net-60 terms

  18. Latitude Financial Admits Breach Impacted Millions

    Over 14 million records stolen from consumer lender

  19. CISA Unveils Ransomware Notification Initiative

    Provides businesses with early warnings to evict threat actors before they can encrypt data

  20. WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites

    The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website

Why not watch?

  1. Enhancing Software Supply Chain Management: A DORA-Focused Approach

  2. Cyber Resilience in the AI Era: New Challenges and Opportunities

  3. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  4. How to Update Your PAM Strategy to Protect Hybrid Cloud Infrastructures

What’s hot on Infosecurity Magazine?