Infosecurity News
Google Paid $10m in Bug Bounties to Security Researchers in 2023
Google revealed it paid $10m in bug bounty payments to more than 600 researchers in 2023, with the highest single payment being £113,337
Fortinet Patches Critical Bug in FortiClient EMS
Fortinet has released security updates to fix several critical vulnerabilities in its products
Meta Sues Former VP After Defection to AI Startup
Meta is suing one of its former executives for stealing sensitive documents before leaving the company
Investment Scams Grow, 13,000 Domains Detected in January 2024
Netcraft said the domains were found across 7000 IPs in January, a 25% increase from December 2023
Cloud Account Attacks Surged 16-Fold in 2023
Red Canary said cloud account compromise detections rose 16-fold in 2023, becoming the fourth most prevalent technique used by threat actors
New Research Exposes Security Risks in ChatGPT Plugins
Salt Security discovered GPT flaws affecting plugin installation, PluginLab and OAuth
Google to Restrict Election-Related Answers on AI Chatbot Gemini
The new restriction on Google’s AI chatbot was first implemented in India, which holds elections in April, before being rolled out across other nations
Single RCE Bug Features Among 60 CVEs in March Patch Tuesday
No zero-day vulnerabilities to fix in this month’s Microsoft Patch Tuesday
Nearly 13 Million Secrets Spilled Via Public GitHub Repositories
GitGuardian claims the number of secrets exposed via GitHub has quadrupled since 2021
Study Reveals Top Vulnerabilities in Corporate Web Applications
Kaspersky said access control weaknesses and failures in data protection accounted for 70% of all flaws
US Intelligence Predicts Upcoming Cyber Threats for 2024
The Office of the Director of National Intelligence (ODNI) has unveiled an unclassified version of its Annual Threat Assessment of the US Intelligence Community
New Cloud Attack Targets Crypto CDN Meson Ahead of Launch
Sysdig said the rise of the Meson Network in blockchain signals a new frontier for attackers
Three-Quarters of Cyber Incident Victims Are Small Businesses
Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft
Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity
An influential parliamentary committee claims government short-termism is exposing the country to ransomware catastrophe
Victims Lose $47m to Crypto Phishing Scams in February
Some 57,000 victims lost $47m in phishing scams targeting their cryptocurrency last month
Magnet Goblin Exploits Ivanti Vulnerabilities
The threat actor uses custom Linux malware to pursue financial gain, according to Check Point Research
BianLian Threat Actor Shifts Focus to Extortion-Only Tactics
GuidePoint said the threat actor gained initial access via vulnerabilities in a TeamCity server
NSA Launches Top 10 Cloud Security Mitigation Strategies
The advisory is associated with ten companion cybersecurity information sheets detailing how to implement each strategy
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
A British Library report found the most likely source of the incident was the compromise of third-party account credentials and no MFA was in place to stop the attackers
Telemedicine Business Owner Faces 20 Years For $136m Fraud
Nurse practitioner pleads guilty to $136m Medicare fraud plot involving her telemedicine companies