Infosecurity News
Over 90,000 D-Link NAS Devices Are Under Attack
Threat actors are targeting a high severity vulnerability in close to 100,000 legacy D-Link devices
Why Identity Management is Key in a Cyber Resilience Strategy
For the fourth edition of Identity Management Day, the Identity Defined Security Alliance shared staggering numbers on the boom of identity-related cyber incidents
US Federal Data Privacy Law Introduced by Legislators
Two US lawmakers have published a draft federal data privacy law, dubbed the American Privacy Rights Act, which aims to provide protections for the personal information of all US citizens
Byakugan Infostealer Capabilities Revealed
Fortinet said the malware functions identified include screen monitoring, screen capturing, cryptomining and more
New Malware “Latrodectus” Linked to IcedID
The malware, discovered by Proofpoint and Team Cymru, was mainly utilized by initial access brokers
Famous YouTube Channels Hacked to Distribute Infostealers
The AhnLab Security Intelligence Center discovered new infostealer distribution campaigns leveraging legitimate YouTube channels
UK Retailers Lost £11.3bn to Fraud in 2023
Research from Ayden and the CEBR found that 35% of UK retailers fell victim to fraudulent activity, cyber-attacks or data leaks over the past 12 months
Hospital IT Helpdesks Targeted By Voice Fraudsters, Warns HHS
Threat actors are socially engineering healthcare IT helpdesk staff to steal money, the government has warned
Veterinary Giant CVS Reveals Major Cyber-Attack
Veterinary services provider CVS Group today notified markets of a security breach last week
Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities
Mandiant research details how Chinese espionage groups are deploying new tools post-exploitation of recently patched Ivanti vulnerabilities
Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft
Wiz researchers found architecture flaws in generative AI models available on the AI hub Hugging Face
China Using AI-Generated Content to Sow Division in US, Microsoft Finds
A Microsoft report found that China-affiliated actors are publishing AI-generated content on social media to amplify controversial domestic issues in the US
LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches
A Trend Micro report shows a clear drop in the number of actual infections associated with the LockBit ransomware following Operation Cronos
Jackson County IT Systems Hit By Ransomware Attack
A state of emergency was declared, caused by operational inconsistencies across digital infrastructure
New JSOutProx Malware Targets Financial Firms in APAC, MENA
First found in 2019, JSOutProx combines JavaScript and .NET functionalities to infiltrate systems
Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack
Leicester City Council confirmed around 25 sensitive documents have been leaked online, including personal ID information, following claims by the Inc Ransom gang
Deepfake Expert Henry Ajder to Keynote Infosecurity Europe 2024 on AI Challenges
Infosecurity Europe 2024 will feature a keynote presentation by deepfake expert Henry Ajder, exploring the implications of generative AI on cybersecurity
Threat Actor Claims Classified Five Eyes Data Theft
Threat actor IntelBroker claims to have classified intelligence stolen from US government tech supplier Acuity
Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO
Privacy regulator the ICO urges social media and video sharing firms to do more to protect children’s data
Cyber Safety Review Board Report Slams Microsoft Security Failures in Government Email Breach
A report has highlighted multiple security failings by Microsoft that allowed Chinese threat actors to access US government officials’ email accounts in the Summer of 2023
