Infosecurity News
China Presents Defining Challenge to Global Cybersecurity, Says GCHQ
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
44% of Cybersecurity Professionals Struggle with Regulatory Compliance
Infosecurity Europe research highlights significant challenges faced by organisations in staying up to speed with increasing compliance requirements
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
UK Insurance and NCSC Join Forces to Fight Ransomware Payments
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses
Hackers Use DNS Tunneling to Scan and Track Victims
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group
Critical Vulnerabilities in Cinterion Modems Exposed
The flaws include CVE-2023-47610, a security weakness within the modem’s SUPL message handlers
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
Black Basta Ransomware Victim Count Tops 500
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
Threat Actor Claims Major Europol Data Breach
A threat actor known as IntelBroker claims to be selling confidential Europol data after a May breach
UK's AI Safety Institute Unveils Platform to Accelerate Safe AI Development
The UK's open source AI safety evaluation platform, Inspect, is set to empower global collaboration for safer AI development
RSAC: Experts Highlight Novel Cyber Threats and Tactics
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
RSAC: Why Cybersecurity Professionals Have a Duty to Secure AI
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
RSAC: How CISOs Should Protect Themselves Against Indictments
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
New 'LLMjacking' Attack Exploits Stolen Cloud Credentials
Sysdig said the attackers gained access to these credentials from a vulnerable version of Laravel
Mobile Banking Malware Surges 32%
Afghanistan, Turkmenistan and Tajikistan victims experienced the highest share of banking Trojans
AI-Powered Russian Network Pushes Fake Political News
Researchers discover large-scale Russian influence operation using GenAI to influence voters
Fake Online Stores Scam Over 850,000 Shoppers
Researchers discover 75,000+ domains hosting fraudulent e-commerce sites, in a campaign dubbed BogusBazaar
RSAC: Three Strategies to Boost Open-Source Security
Experts at the RSA Conference discussed how governments, the open-source community and end users can work together to drastically improve the security of open-source software
