Infosecurity News

  1. TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

    The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found

  2. Biden Bans Mass Sale of Data to Hostile Nations

    A new presidential executive order attempts to prevent the mass sales of personal data to countries like China and Russia

  3. FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers

    The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools

  4. 34 Million Roblox Credentials Exposed on Dark Web in Three Years

    Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023

  5. How Security Leaders Can Break Down Barriers to Enable Digital Trust

    ISACA's Rob Clyde and Pam Nigro discuss how to advance digital trust in a security context

  6. UK ICO Vows to Safeguard Privacy in AI Era, Rules Out Bespoke Regulation

    UK Information Commissioner John Edwards explains how the ICO is working to provide clarity around the lawful use of AI

  7. Over Half of UK Firms Concerned About Insider Threats

    Cifas claims that most business decision makers are worried about fraudsters targeting employees

  8. Ads for Zero-Day Exploit Sales Surge 70% Annually

    Group-IB research warns of rising use of zero-day threats in targeted attacks

  9. Industrial Cyber Espionage France's Top Threat Ahead of 2024 Paris Olympics

    Ransomware and destabilization attacks rose in 2023, yet France’s National Cybersecurity Agency is most concerned about a diversification of cyber espionage campaigns

  10. Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw

    The flaw, discovered by Patchstack, stems from a lack of input sanitization and output escaping in the plugin’s code

  11. NIST Releases Final Version of Cybersecurity Framework 2.0

    NIST has made further tweaks to Version 2.0 of its Cybersecurity Framework following feedback from the cybersecurity community

  12. Half of IT Leaders Identify IoT as Security Weak Point

    The Viakoo study also said 50% firms faced IoT cyber incidents in past year, 44% of which were severe

  13. Most Commercial Code Contains High-Risk Open Source Bugs

    Synopsys report reveals 74% of codebases now contain risky open source components

  14. 69% of Organizations Infected by Ransomware in 2023

    Proofpoint found that 69% of organizations experienced a successful ransomware incident in the past year, with 60% hit on four or more occasions

  15. Business Logic Abuse Dominates as API Attacks Surge

    Imperva finds attacks targeting API business logic increased to 27% in 2023

  16. White House Urges Tech Industry to Eliminate Memory Safety Vulnerabilities

    A new White House report has urged software and hardware developers to adopt memory safe programming languages, and eliminate one of the most pervasive classes of bugs

  17. CISA Issues Alert on APT29’s Cloud Infiltration Tactics

    Known as Midnight Blizzard, the Dukes or Cozy Bear, the group has been identified as a Russian entity likely operating under the SVR

  18. Expert Warns of Growing Android Malware Activity

    Kaspersky said that in 2023, the number of mobile attacks soared to nearly 33.8 million

  19. LockBit Takedown: What You Need to Know about Operation Cronos

    What businesses should know about Operation Cronos and LockBit, one of the largest ransomware takedowns in history

  20. Avast Faces $16.5m Fine for Unlawfully Selling User Browsing Data

    The FTC order found that Avast sold browsing data to advertisers that could reveal highly sensitive insights about users, misleading them about privacy protections in the process

What’s hot on Infosecurity Magazine?