Infosecurity News

  1. Russia's FSB Behind Massive Phishing Espionage Campaign

    Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group

  2. Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

    Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

  3. Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

    Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign

  4. SolarWinds Urges Upgrade After Revealing Critical RCE Bug

    SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk

  5. New Phishing Attack Uses Sophisticated Infostealer Malware

    The phishing attack uses infostealer malware to target saved passwords, credit cards & Bitcoin info

  6. Manufacturing Firm Loses $60m in BEC Scam

    Manufacturing firm Orion revealed it has lost $60m in a business email compromise (BEC) scam, which targeted a non-executive employee

  7. Research Uncovers New Microsoft Outlook Vulnerability

    CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103

  8. High-Risk Cloud Exposures Surge Due to Rapid Service Growth

    Firms are introducing 300 services monthly, contributing to 32% of high or critical cloud exposures

  9. Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot

    Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical

  10. Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas

    A cyber-attack has hit several boroughs across Greater Manchester, England, leaving thousands of residents vulnerable to a phishing scam

  11. NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative

    The UK’s National Cyber Security Centre wants to test the effectiveness of cyber-deception tactics

  12. Microsoft Fixes Nine Zero-Days on Patch Tuesday

    Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities

  13. Gold Mining Firm in Australia Reports Ransomware Breach

    In a Monday filing with the ASX, Evolution Mining stated that the incident was contained

  14. NIST Formalizes World's First Post-Quantum Cryptography Standards

    NIST has formalized three post-quantum cryptographic algorithms, with organizations urged to start the transition to quantum-secure encryption immediately

  15. East Valley Institute of Technology Data Breach Exposes Over 200,000 Records

    The EVIT breach exposed the data of 208,717 individuals, including students, faculty and parents

  16. Phishing Campaign Compromises 100+ Ukrainian Government Computers

    CERT-UA has warned that a mass phishing campaign impersonating Ukraine’s Security Services has infected more than 100 government devices

  17. Prolific Belarusian Cybercriminal Arrested in Spain

    Belarusian national Maksim Silnikau, who was operating under the ‘J.P. Morgan’ moniker, is believed to be one of the world’s most prolific Russian-speaking cybercriminals

  18. South Korea Warns Pyongyang Has Stolen Spy Plane Details

    South Korea’s People Power Party calls for new legislation after data on spy planes and tanks is hacked by North Korea

  19. FBI Leads Effort to Dismantle Radar/Dispossessor Ransomware

    The FBI and other law enforcers claim to have disrupted the Radar/Dispossessor ransomware group

  20. Vulnerability in Windows Driver Leads to System Crashes

    The CVE-2024-6768 flaw in the Windows CLFS.sys driver can lead to BSOD

Why not watch?

  1. Reinforcing Firewall Security: The Need to Adapt to Persistent Cyber Threats

  2. Navigating Exposures in Energy ICS Environments

  3. Dispelling the Myths of Defense-Grade Cybersecurity

  4. Identifying Concentration Risk and Securing the Supply Chain

What’s hot on Infosecurity Magazine?