Infosecurity News

  1. China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

    NVISO discovered new variants of the BRICKSTORM backdoor, initially designed for Linux, on Windows systems

  2. 92% of Mobile Apps Found to Use Insecure Cryptographic Methods

    Study reveals 92% of mobile apps use insecure cryptographic methods, exposing millions to data risks

  3. Scalper Bots Fueling DVSA Driving Test Black Market

    DataDome warns that DYI bots are snapping up driving test places en masse

  4. Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

    Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database

  5. North Korean Hackers Exploit LinkedIn to Infect Crypto Developers with Infostealers

    Posing as potential employers, Slow Pisces hackers conceal malware in coding challenges sent to cryptocurrency developers on LinkedIn

  6. Compliance Now Biggest Cyber Challenge for UK Financial Services

    Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey

  7. Bot Traffic Overtakes Human Activity as Threat Actors Turn to AI

    Thales report reveals bots now account for 51% of all web traffic, surpassing human activity

  8. Organizations Found to Address Only 21% of GenAI-Related Vulnerabilities

    Pentesting firm Cobalt has found that organizations fix less than half of exploited vulnerabilities, with just 21% of generative AI flaws addressed

  9. LabHost Phishing Mastermind Sentenced to 8.5 Years

    A UK man has been sentenced to over eight years for masterminding £100m phishing platform LabHost

  10. Major WordPress Plugin Flaw Exploited in Under 4 Hours

    Flaw in SureTriggers plugin allows unauthenticated users to create admin accounts on WordPress sites

  11. Prodaft Offers "No Judgment" Deal to Buy Dark Web Accounts from Cybercrime Forum Users

    Through the SYS Initiative, Prodaft is offering a secure, anonymous channel for individuals to share information about ongoing cybercrime activities

  12. New Malware ResolverRAT Targets Healthcare and Pharma Sectors

    ResolverRAT targets healthcare organizations using advanced evasion techniques and social engineering

  13. US Blocks Foreign Governments from Acquiring Citizen Data

    The US government has implemented a program that applies export controls on data transactions to certain countries of concern, including China and Russia

  14. Digital Certificate Lifespans to Fall to 47 Days by 2029

    CA/Browser Forum members have voted in favor of shortening TLS/SSL certificate lifespans to 47 days

  15. AI Hallucinations Create “Slopsquatting” Supply Chain Threat

    Experts have warned that threat actors could hijack AI hallucinations in “slopsquatting” attacks

  16. NVD Revamps Operations as Vulnerability Reporting Surges

    The NVD program manager has announced undergoing process improvements to catch up with its growing vulnerability backlog

  17. Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

    Experts at the Google Cloud Next event set out how security teams need to adapt their focuses in the wake of trends such as rising cyber-attacks and advances in AI

  18. Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

    Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo have products affected by critical vulnerabilities carrying severity ratings as high as 9.9

  19. Google Cloud: China Achieves “Cyber Superpower” Status

    Google Cloud’s Sandra Joyce said that Chinese state actors’ advanced techniques and ability to stay undetected pose huge challenges

  20. Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity

    Google Cloud announced a number of security products designed to reduce complexity for security leaders

What’s hot on Infosecurity Magazine?