Infosecurity News
BreachForums Hacking Marketplace Taken Down Again
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Infosecurity News
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Infosecurity News
The National Cyber Security Centre launches an opt-in Personal Internet Protection service to safeguard individuals from cyber threats during the upcoming election
Infosecurity News
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
Infosecurity News
Infosecurity Europe research highlights significant challenges faced by organisations in staying up to speed with increasing compliance requirements
Infosecurity News
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
Infosecurity News
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
Infosecurity News
A threat actor known as IntelBroker claims to be selling confidential Europol data after a May breach
Infosecurity News
Well-funded cybercriminals are adopting more sophisticated techniques, creating a need for defenders to stay informed about the evolving threat landscape
Infosecurity News
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
Infosecurity News
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
Infosecurity News
Sysdig said the attackers gained access to these credentials from a vulnerable version of Laravel
Infosecurity News
Researchers discover large-scale Russian influence operation using GenAI to influence voters
Infosecurity News
Experts at the RSA Conference discussed how governments, the open-source community and end users can work together to drastically improve the security of open-source software
Infosecurity News
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
Infosecurity News
The award recognises Khan's outstanding contributions to the field and his role in shaping the cybersecurity industry
Infosecurity News
An ISACA survey found that just a third of organizations are adequately addressing security, privacy and ethical risks with AI
Infosecurity News
US government officials discussed plans on how to incentivize security by design principles in the software manufacturing process during RSA
Infosecurity News
Online payment systems, such as those for water bills and court citations, are still offline
Infosecurity News
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
Infosecurity News
Recorded Future’s Alexander Leslie highlights the increasingly blurred lines between hacktivism, financial cybercrime and nation-state activities during the RSA Conference 2024
Infosecurity News
An IBM report found that most organizations are exposing themselves to security risks when implementing generative AI tools
Infosecurity News
Join Claire Williams at Infosecurity Europe to learn how F1 leadership strategies can inspire cybersecurity leaders
Infosecurity News
Meta’s moderation failings could allow coordinated disinformation campaigns to thrive in the run-up to the EU election
Infosecurity News
Jake Humphrey and Professor Damian Hughes, the minds behind the High Performance Podcast, share their top non-negotiable behaviours for success in cybersecurity
Infosecurity News
The bill that could see TikTok banned in the US has been approved by the House of Representatives and the Senate
Infosecurity News
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its first UK SOC
Infosecurity News
The breach affecting business analytics provider Sisense could lead to a wide-scale supply chain attack
Infosecurity News
A WiCyS report detailed the causes of disparities in the experiences of women working in cybersecurity compared to men, including respect and exclusion
Infosecurity News
For the fourth edition of Identity Management Day, the Identity Defined Security Alliance shared staggering numbers on the boom of identity-related cyber incidents
Infosecurity News
Infosecurity Europe 2024 will feature a keynote presentation by deepfake expert Henry Ajder, exploring the implications of generative AI on cybersecurity
SC Magazine
NIST says it has asked partner agencies for assistance as it works on a long-term solution to keeping the vital CVE database up to date.
Infosecurity News
After months of speculation, NIST has finally confirmed its intention to establish an industry consortium to develop the NVD in the future
Infosecurity News
The UK’s NCSC assesses that China-backed APT31 was “almost certainly” responsible for hacking the email accounts of UK parliamentarians
Infosecurity News
The flaws, identified by KTrust, enable attackers to bypass rate limits and brute force protection mechanisms
Infosecurity News
Vulnerability data has stopped being added to the most widely used software vulnerability database for over a month, putting organizations at risk – and nobody knows why
Infosecurity News
The new restriction to Google’s AI chatbot was first implemented in India, which holds elections in April, before being rolled across other nations
Infosecurity News
Three-quarters of cyber-incidents Sophos responded to involved small businesses in 2023, with attackers’ main goal being data theft
Infosecurity News
Darktrace reveals a novel phishing campaign where attackers leveraged legitimate Dropbox infrastructure to steal credentials before bypassing MFA
Infosecurity News
The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found
Infosecurity News
The UK government provided a preview of its future Cybersecurity Governance Code of Practice, which aims to be the go-to cyber guideline for UK businesses
Infosecurity News
UK Information Commissioner John Edwards explains how the ICO is working to provide clarity around the lawful use of AI
Infosecurity News
Ransomware and destabilization attacks rose in 2023, yet France’s ANSSI is most concerned about a diversification of cyber espionage campaigns
Infosecurity News
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp
Infosecurity News
The OWASP Foundation provides new guidelines to deploy secure-by-design LLM use cases
Infosecurity News
Over two-thirds of IT decision-makers increase cybersecurity budgets in 2024, prioritizing cloud security and incident response as cyber threats escalate
Infosecurity News
Since emerging in May 2023, the group claims to have victimized 77 companies and public institutions
Infosecurity News
What businesses should know about Operation Cronos and LockBit, one of the largest ransomware takedowns in history
Infosecurity News
After discovering a new vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways, Ivanti is under fire for poor security practices
Infosecurity News
Group-IB warns of new Trojan GoldPickaxe designed to bypass banking facial recognition with deepfakes
Infosecurity News
UK utilities firm Southern Water has informed 5-10% of its customer base that their personal data has been accessed following a ransomware attack in January
Infosecurity News
US companies using AI-generated voices during a call without prior consent could receive fines of up to $23,000 per call
Infosecurity News
Facebook and other social media companies struggle with trust, with only 6% globally comfortable sharing personal data, according to a 2024 Thales survey
Infosecurity News
Shadowserver Foundation spots 170 distinct IP addresses trying to exploit Ivanti zero-day CVE-2024-21893
Infosecurity News
The Tinder-like app has countered claims of being a hot spot for sextortion scammers
Infosecurity News
US government agencies took down the botnet of Chinese APT Volt Typhoon, used to target critical infrastructure for nation-state espionage
DarkReading
The initiative has named the first eight companies approved to cyber-secure the Dubai government.
Infosecurity News
New York attorney general launches legal case against Citi for failing to reimburse or protect fraud victims
Infosecurity News
Kaspersky said cybercriminals are exploring schemes to implement ChatGPT in malware development
Infosecurity News
OpenAI will implement a provenance standard into DALL-E 3 and link ChatGPT to an authoritative election website in the US
Infosecurity News
Veeam found that 75% of organizations suffered at least one ransomware attack last year, with 26% hit four or more times
Infosecurity News
Password manager provider LastPass has started implementing stricter password measures for its customers
Infosecurity News
The breach, which unfolded on September 28, compelled ESO to shut down systems temporarily
Infosecurity News
BlackCat ransomware resurfaces after FBI takedown attempt, defying law enforcement takedown
Infosecurity News
Researchers observed malicious files advancing through email, PDF, URL and MSI
Infosecurity News
The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023
Infosecurity News
Russian cyber campaigns aim to disrupt Western allies’ ability and motivation to support Ukraine’s war effort
Infosecurity News
The landmark bill will regulate the use of generative AI models like ChatGPT and AI systems used by governments and law enforcement
Infosecurity News
Orange Cyberdefense’s Security Navigator listed the manufacturing sector as number one for both detected cyber incidents and confirmed cyber-attacks
Infosecurity News
The sophisticated campaign has led to customers having their money stolen by cybercriminals
Infosecurity News
AI-powered tools are among the top fraud techniques used by threat actors in 2023, according to Sumsub’s third annual Identity Fraud Report
Infosecurity News
IntelBroker claims to be selling sensitive military data
CyberSecurity Dive
Which security conferences are teams prioritizing in 2024? A new report reveals the 7 most popular events in the cybersecurity calendar.
DataBreaches
Chris Riotta reports: Hackers potentially linked to the Russian GRU Main Intelligence Directorate carried out a series of highly coordinated cyberattacks...
Infosecurity News
ESET said the attack affects Android users accessing the Urdu version of the Hunza News website
Infosecurity News
Jenny Radcliffe talks to Infosecurity about the changing nature of social engineering scams and the threats posed by AI
Infosecurity News
The OWASP Foundation has released a call to action ahead of the UK’s AI Safety Summit
Infosecurity News
ISC2’s CEO says the c-suite appears to be more concerned with economic risk than cyber risk
Infosecurity News
Experts highlighted the ways generative AI tools can help security teams, and how to mitigate the risks they pose
Infosecurity News
Two leading CISOs provide best practice tips for CISOs on undertaking a sustainable cyber risk management program
Infosecurity News
Generative AI poses a high risk of misinformation and disinformation, according to ISACA survey, with 77% of professionals saying it is the top concern
Infosecurity News
Most digital trust professionals believe AI will have a positive impact on their jobs, and 23% think the number of jobs could increase because of AI
Infosecurity News
War crimes court warns of persistent attacks
Infosecurity News
ISACA's new CEO highlights growth of its European membership as the Association works on an aggressive growth strategy
Infosecurity News
FIDO Alliance’s Online Authentication Barometer showed that AI-powered phishing is prompting users to switch passwords for MFA
Infosecurity News
Hacktivists claim DDoS attacks against Israeli websites as cybersecurity experts urge caution in believing these cyber-criminals’ claims
Infosecurity News
Many recruit victims on social media, says Europol
Infosecurity News
Spanish airline did not disclose scale of the attack
Infosecurity News
Google has launched capture the flag (CTF) competitions focused on Chrome’s V8 JavaScript engine and Google Cloud’s kernel-based virtual machine (KVM)
Infosecurity News
Cisco Talos found new evidence that Qakbot-affiliated actors were still distributing ransomware despite the August FBI takedown of the threat group
DataBreaches
James Coker reports: The number of victims named on ransomware leak sites reached “unprecedented levels” in the four months from March to June 2023,...
DataBreaches
As seen on the website of The First Judicial Circuit of Florida: The First Judicial Circuit has experienced an information technology security event that is...
Infosecurity News
A recent survey conducted by Integrity 360 shows that data theft has overtaken ransomware as a top concern for some IT decision makers
Infosecurity News
Lorraine Dryland discusses how to help executives make fast and informed decisions when presented with a ransomware demand
Infosecurity News
The decentralized finance network has suspended deposits and withdrawals after what could be one of the biggest cyber-attacks on cryptocurrency projects
DataBreaches
In May, the NYS Comptroller’s Office released an audit conducted to determine if the New York State Education Department (SED) consistently follows all...
Infosecurity News
Experts at the mWISE conference discussed who is behind the surge in zero-day exploits
Infosecurity News
The agreement, which represents an extension to the EU-US Data Privacy Framework, will enable the free flow of personal data between the UK and US
Infosecurity News
A new legal requirement for medical devices in the US will introduce the first-ever SBOM mandate for the consumer market
Infosecurity News
China is sponsoring not just ever more highly sophisticated espionage campaigns, but also venturing into cybercrime and disinformation
Infosecurity News
Database compromise dates back to March 2022
Loading more articles....