Infosecurity News
Critical OpenSSH Flaw Enables Full System Compromise
A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys
Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting Airport Passengers
Evil twin Wi-Fi access points mimicked legitimate networks to capture personal data from unsuspecting victims who mistakenly connected to them
Cyber-Insurance Premiums Decline as Firms Build Resilience
Insurance broker Howden says premiums are falling as security best practice takes hold
Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems
Outsourcer Infosys McCamish Systems has revealed millions of victims were impacted by a ransomware attack last year
TeamViewer Cyber-Attack Attributed to Russian APT Midnight Blizzard
Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard
Cyber Workforce Grows 15% at Large Organizations as Security is Prioritized
From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone
Google Thwarts Over 10,000 Attempts by Chinese Influence Operator
Google warned of high levels of activity from Chinese influence operator Dragon Bridge, which is increasingly experimenting with generative AI tools to create content
CISOs Reveal Firms Prioritize Savings Over Long-Term Security
The data from Bugcrowd also reveals 40% of CISOs think most firms don't understand breach risks
Operation First Light Seizes $257m in Global Scam Bust
The operation, orchestrated by Interpol, resulted in the arrest of 3950 suspects
Majority of Critical Open Source Projects Contain Memory Unsafe Code
A CISA analysis in collaboration with international partners concluded most critical open source projects potentially contain memory safety vulnerabilities
US Charges Russian Individual for Pre-Invasion Ukraine Hack
The US government is offering up to $10m for information on Amin Timovich Stigal’s location or his malicious cyber activity
IT Leaders Split on Using GenAI For Cybersecurity
Corelight study claims many IT leaders see benefit of GenAI but similar share are concerned about data exposure
Chinese State Actors Use Ransomware to Conceal Real Intent
A new report warns that Chinese APT groups are using ransomware to conceal cyber-espionage activity
Progress Discloses Two New Vulnerabilities in MOVEit Products
Two authentication bypass vulnerabilities affect Progress Software’s MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway
Novel Banking Malware Targets Customers in Southeast Asia
A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon
Cyber Attackers Turn to Cloud Services to Deploy Malware
A growing number of malware operators have turned to cloud-based command and control servers to deploy malicious campaigns, Fortinet researchers found
Identity Crime Reports Drop 16% Annually but Job Scams Surge
Identity-related crimes declined 16% annually in 2023 with the majority related to compromised credentials
Fake Law Firms Con Victims of Crypto Scams, Warns FBI
The FBI has urged cryptocurrency scam victims to be on the alert for fraudsters posing as lawyers
New Medusa Trojan Variant Emerges with Enhanced Stealth Features
Cleafy identified five different botnets operated by affiliates, each targeting different geographical areas
Dark Web Sees 230% Rise in Singapore Identity Theft
According to Resecurity, a significant portion of the stolen data was found on the XSS underground forum
