Infosecurity News
#Infosec2024: Decoding SentinelOne's AI Threat Hunting Assistant
SentinelOne will present a threat-hunting demonstration during which a security analyst will compete against a non-technical person using its AI assistant
Check Point Urges VPN Configuration Review Amid Attack Spike
These attacks did not exploit a vulnerability but instead leveraged weaker authentication methods
XSS Vulnerabilities Found in WordPress Plugin Slider Revolution
Slider Revolution is a widely used premium Wordpress plugin with over 9 million active users
TeaBot Banking Trojan Activity on the Rise, Zscaler Observes
Researchers from Zscaler ThreatLabz observed an uptick in the TeaBot Andoird banking Trojan, also known as Anatsa
Courtroom Recording Software Vulnerable to Backdoor Attacks
Rapid7 warned that users of Justice AV Solutions (JAVS) Viewer v8.3.7 recording software are at high risk of stolen credentials and having malware installed
#Infosec2024: What to Expect at Infosecurity Europe 2024
Get ready for Infosecurity Europe 2024 with these top five picks from Infosecurity Magazine to help you plan your visit
#Infosec2024: Why Human Risk Management is Cybersecurity's Next Step for Awareness
With most cyber-attacks still involving a non-malicious human element, it is clear that awareness training alone is insufficient, this is where human risk management comes into play
#Infosec2024: Charity Bridges Digital Divide and Fuels New Cyber Talent
Every Child Online, a UK charity, tackles the digital divide and potential cybersecurity skills gap by offering free refurbished IT equipment to underprivileged children
Health Information Published Online After MediSecure Ransomware Attack
MediSecure confirmed that limited health data of customers was posted onto a dark web forum, with a 6.5TB dataset reportedly put up for sale
Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day
Microsoft has warned of surging gift card fraud and sophisticated approaches from the group Storm-0539
Fake Pegasus Spyware Strains Populate Clear and Dark Web
Actors in the clear and dark web are distributing fake source codes of the Pegasus spyware for financial gain
Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
According to Enea, these campaigns use cloud storage platforms to host malicious websites, sending links via SMS to bypass firewalls
Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web
Resecurity reported a 300% spike in cyber-attacks post-#OpIsrael, intensifying since #OpIndia last year
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database
National Records of Scotland Data Breached in NHS Cyber-Attack
National Records of Scotland said sensitive personal data was part of information published online following a ransomware attack on NHS Dumfries and Galloway
GitHub Fixes Maximum Severity Flaw in Enterprise Server
A newly patched GitHub Enterprise Server bug has a CVSS score of 10
PSNI Faces £750,000 Data Breach Fine After Spreadsheet Leak
The Police Service of Northern Ireland has been fined £750K following a serious data breach last year
Report Reveals 341% Rise in Advanced Phishing Attacks
This data comes from SlashNext’s mid-year State of Phishing 2024 report
UserPro Plugin Vulnerability Allows Account Takeover
The plugin is used by over 20,000 sites and enables users to create customizable community websites
Chinese Hackers Rely on Covert Proxy Networks to Evade Detection
Volt Typhoon and other Chinese cyber espionage actors are relying on operational relay box (ORB) networks, Mandiant has observed
