Infosecurity News
CISA and NSA Tackle IAM Security Challenges in New Report
The document is authored by the Enduring Security Framework
Critical Glibc Bug Puts Linux Distributions at Risk
Qualys identified and exploited the vulnerability in Fedora 37/38, Ubuntu 22.04/23.04, Debian 12/13
China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks, Microsoft Warns
Microsoft’s annual digital defense report found a rise in Chinese state-affiliated groups attempting to infiltrate sectors like medical infrastructure and telecommunication
Record Numbers of Ransomware Victims Named on Leak Sites
A new Secureworks report finds that 2023 is on course to be the biggest year on record for victim naming on ‘name and shame’ sites
Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers
CloudSEK warns 100,000 victims may have been impacted
US Government Proposes SBOM Rules for Contractors
Public comment open until December 4
GoldDigger Android Trojan Drains Victim Bank Accounts
Researchers warn of phishing links leading to spoofed Google Play pages
LightSpy iPhone Spyware Linked to Chinese APT41 Group
ThreatFabric found evidence that LightSpy is linked to Android spyware DragonEgg, attributed to the Chinese-sponsored group
EvilProxy Phishing Attack Strikes Indeed, Targets Executives
Menlo Labs brought this discovery to light in an advisory published on Tuesday
Malware-Infected Devices Sold Through Major Retailers
The BADBOX scheme deploys the Triada malware on various devices like smartphones and tablets
Police Issue “Quishing” Email Warning
Organizations urged to update staff awareness programs
Arm and Qualcomm Chips Hit by Multiple Zero-Day Attacks
Chip giants have released updates to fix the vulnerabilities
Red Cross Issues Wartime Hacktivist Rules
Non-profit warns of blurring between military and civilian attacks
NSA Establishes AI Security Center
NSA Director Gen. Nakasone made the announcement during a discussion in Washington last Thursday
FortiGuard Uncovers Deceptive Install Scripts in npm Packages
Fortinet said these packages can be categorized into nine sets based on their code and functions
EU Cyber Resilience Act Could be Exploited for Surveillance, Experts Warn
The open letter, signed by 50 leading cybersecurity figures, urges the EU to reconsider its proposals around vulnerability disclosure requirements
Predator Spyware Linked to Madagascar's Government Ahead of Presidential Election
Cybersecurity firm Sekoia has found new evidence that the Malagasy government has used Cytrox’s spyware ahead of the election
Upstream Supply Chain Attacks Triple in a Year
Sonatype detects over 245,000 malicious packages
Half of Cybersecurity Professionals Report Increase in Cyber-Attacks
New research by ISACA has found that the cybersecurity skills gap is contributing to businesses' cybersecurity preparedness
CyberEPQ Course Triples Student Intake for the Coming Year
Government funding will help more sixth-form students get into cyber