Infosecurity News

  1. SpyLoan Scams Target Android Users With Deceptive Apps

    ESET said these apps request sensitive user information, exfiltrating it to attackers’ servers

  2. US Federal Agencies Miss Deadline for Incident Response Requirements

    20 government agencies have failed to reach the incident response maturity level required by law, the GAO found in a new report

  3. Russian APT28 Exploits Outlook Bug to Access Exchange

    Notorious Russian APT28 group is actively exploiting CVE-2023-23397 to hijack Exchange email accounts

  4. Porn Age Checks Threaten Security and Privacy, Report Warns

    Online Safety Act’s mandate for age verification to access pornography could be a security and privacy disaster, think tanks warn

  5. Sellafield Accused of Covering Up Major Cyber Breaches

    Europe’s largest nuclear site, Sellafield, is accused of consistent security failings

  6. Cybercriminals Escalate Microsoft Office Attacks By 53% in 2023

    The Kaspersky report also revealed an average detection of 411,000 malicious files per day

  7. Rust-Based Botnet P2Pinfect Targets MIPS Architecture

    Cado Security found the variant while investigating files uploaded to an SSH honeypot

  8. EU Council and Parliament Reach Agreement on Cyber Resilience Act

    The European institutions have finally resolved several contentious aspects of the Cyber Resilience Act

  9. Staples Hit With Disruption After Cyber-Attack

    Retail giant’s service lines still impacted

  10. Russian Developer Pleads Guilty to Trickbot Conspiracy

    40-year-old was extradited from South Korea

  11. US Confirms Iranian Attacks on Water Companies

    State-backed CyberAveng3rs group hits Unitronics installations

  12. NCSC Urges UK Water Companies to Secure Control Systems

    Guidance follows US incident involving Unitronics programmable logic controllers

  13. Apple Patches Actively Exploited iOS Zero-Days

    Vulnerabilities may be linked to commercial spyware operations

  14. UK Celebrates “World-First” Anti-Fraud Deal With Big Tech

    Government says tech firms have pledged to remove malicious content

  15. North Korean Hackers Amass $3bn in Cryptocurrency Heists

    Stolen cryptocurrency is converted into fiat currency using stolen identities and manipulated photos

  16. Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion Surge

    Orange Cyberdefense’s Security Navigator listed the manufacturing sector as number one for both detected cyber incidents and confirmed cyber-attacks

  17. FjordPhantom Android Malware Targets Banks With Virtualization

    Promon said one FjordPhantom attack resulted in a substantial loss of approximately $280,000

  18. RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool

    The new ScrubCrypt obfuscation tool is designed to avoid antivirus protections

  19. Booking.com Customers Scammed in Novel Social Engineering Campaign

    The sophisticated campaign has led to customers having their money stolen by cybercriminals

  20. Thousands of Dollar Tree Staff Hit By Supplier Breach

    Incident at Zeroed-In Technologies happened in August

Why not watch?

  1. Identifying Concentration Risk and Securing the Supply Chain

  2. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

  3. Dispelling the Myths of Defense-Grade Cybersecurity

  4. Enhancing Software Supply Chain Management: A DORA-Focused Approach

What’s hot on Infosecurity Magazine?