Infosecurity News

  1. HPE Says SolarWinds Hackers Accessed its Emails

    Hewlett Packard Enterprise reveals that Russian state APT29 hackers stole data from corporate mailboxes

  2. ChatGPT Cybercrime Surge Revealed in 3000 Dark Web Posts

    Kaspersky said cybercriminals are exploring schemes to implement ChatGPT in malware development

  3. Browser Phishing Threats Grew 198% Last Year

    Finding comes from Menlo Security’s recently released 2023 State of Browser Security Report

  4. Why Bulletproof Hosting is Key to Cybercrime-as-a-Service

    As a critical infrastructure service for cybercriminals, bulletproof hosting should be tracked and blocked by defenders, Intel471 argued in a new blog post

  5. X Makes Passkeys Available for US-Based Users

    X (formerly Twitter) has announced that passkeys are available as a login option for US-based users on iOS following a spate of high-profile account hijacks

  6. Exploit Code Released For Critical Fortra GoAnywhere Bug

    Researchers have released exploit code for a critical bug in managed file transfer software Fortra GoAnywhere

  7. AI Set to Supercharge Ransomware Threat, Says NCSC

    The National Cyber Security Centre claims in a new report that AI will increase volume and impact of ransomware attacks

  8. Malicious npm Packages Used to Target GitHub Developer SSH Keys

    ReversingLabs noted a 1300% surge in harmful open-source packages between 2020 and 2023

  9. Hackers Target Atlassian Confluence With RCE Exploits

    Shadowserver reported over 39,000 exploitation attempts from 600 unique IP addresses, mainly Russian

  10. New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda

    The UK government has published a draft code that aims to establish cybersecurity as a key focus for business leaders, on par with financial and legal risks

  11. French Watchdog Slams Amazon with €32m Fine for Spying on Workers

    The French CNIL has fined Amazon France Logistique $35m for an "excessively intrusive" surveillance system set up to monitor the performance of its staff

  12. Australia Sanctions Russian Hacker Behind Medibank Breach

    The Australian government has sanctioned Russian national Aleksandr Ermakov for his role in the Medibank data breach

  13. SEC Confirms SIM Swap Attack Behind X Account Takeover

    The Securities and Exchange Commission says hackers hijacked its X account in a SIM swap attack after MFA was disabled

  14. Mega-Breach Database Exposes 26 Billion Records

    A haul of 26 billion records found online was compiled from historic breaches

  15. LoanDepot Data Breach Hits 16.6 Million Customers

    The US loan giant confirmed 16.6 million customers had “sensitive personal” information stolen in a cyber-attack

  16. Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens

    Thailand’s data breaches fell in 2022-2023, but Resecurity is warning of rising cyber-threats

  17. New macOS Malware Targets Cracked Apps

    Kaspersky said the malware targeted macOS Ventura 13.6 and newer versions

  18. Data Privacy Week: Lack of Understanding, Underfunding Threaten Data Privacy and Compliance

    According to ISACA, two-thirds of professionals don’t fully understand the privacy regulations their organization needs to comply with

  19. CISA Emergency Directive Demands Action on Ivanti Zero-Days

    US security agency CISA orders all civilian federal agencies to take immediate steps to mitigate two Ivanti zero-day flaws

  20. Russian Spies Brute Force Senior Microsoft Staff Accounts

    Russian intelligence hackers compromise emails of senior Microsoft leadership with simple password spray attacks

Why not watch?

  1. Navigating Exposures in Energy ICS Environments

  2. Dispelling the Myths of Defense-Grade Cybersecurity

  3. How to Manage Your Risks and Protect Your Financial Data

  4. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

What’s hot on Infosecurity Magazine?