Infosecurity News

  1. Lazarus Group Exploits Dell Driver Vulnerability to Bypass Windows Security

    ESET said the vulnerability was exploited at least twice via a specific user-mode module

  2. ICO Fines Four "Predatory" Privacy-Invading Firms

    Marketers made over 820,000 illegal calls

  3. LA Unified School District: Hackers Have Posted Stolen Data Online

    School district is investigating authenticity of the trove

  4. Healthcare Company Owners Get Jail Time for $7m Fraud Scheme

    Duo paid bribes and kickbacks to patient marketers

  5. Hackers Hide Malware in Windows Logo, Target Middle East Governments

    The group continued to use the LookBack backdoor, but also several new types of malware

  6. Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT

    The behavior of the actors was reportedly identical to what was described by Minerva Labs in 2021

  7. Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries

    The advisory suggests Zinc has targeted media, defense and aerospace, and IT services

  8. Microsoft Confirms Two Exchange Zero-Day Vulnerabilities

    The vulnerabilities were first discovered by Vietnamese cybersecurity firm GTSC

  9. NCSC: UK Organizations Can Learn from Ukraine's Impressive Cyber Defenses

    NCSC CEO, Lindy Cameron, outlines the UK's observations of the cyber dimension of the Russia-Ukraine conflict

  10. Manufacturers Failing to Address Cybersecurity Vulnerabilities Liable Under New European Rules

    The liability rules allow for compensation for damage when manufacturers fail to address cybersecurity vulnerabilities

  11. Researchers Discover Chaos, a Golang Multipurpose Botnet

    The tool was written in Chinese and seemed China-based due to its C2 infrastructure

  12. Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads

    Cisco Talos discovered the malicious campaign in August 2022

  13. LeakBase: India Swachhata Platform Breached, 16 Million User PII Records Exposed

    Data samples contain email addresses, hashed passwords and user IDs, other PII

  14. Mobile, Cloud and Email Are Top Threat Vectors For 2023

    PwC study finds organizations have a long way to go on security

  15. Crypto-Thieves Cost Victims 53 Times What They Make

    Report reveals surging cloud bills for crypto-jacking victims

  16. IRS Warns of "Industrial Scale" Smishing Surge

    Tax agency says automated tools are to blame

  17. WatchGuard Report: Malware Decreases but Encrypted Malware Up in Q2 2022

    This could reflect threat actors shifting their tactics to rely on more elusive malware

  18. Hackers Use Telegram and Signal to Assist Protestors in Iran

    Key activities are data leaking and selling, including officials' phone numbers and emails

  19. Hacker Breaches Fast Company Apple News Account, Sends Racist Messages

    The breach seems related to the hack of Fast Company's website on Sunday afternoon

  20. ICO Reprimands UK Organizations for GDPR Failings

    Subject Access Requests experiencing significant delays

Why not watch?

  1. Identifying Concentration Risk and Securing the Supply Chain

  2. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  3. Navigating Exposures in Energy ICS Environments

  4. How to Manage Your Risks and Protect Your Financial Data

What’s hot on Infosecurity Magazine?