Information Security Magazine

Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases

watchTowr has found a flaw in Citrix’s Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops

Jamf observed North Korean attackers embedding malware within Flutter applications to target macOS devices, potentially to test a new way of weaponizing malware

Halliburton has reported a $35m loss associated with an August ransomware breach

The World Economic Forum has shared recommendations on how to build on the success of existing partnerships to accelerate the disruption of cybercriminal activities

The new Remcos RAT variant identified in a new phishing campaign exploits CVE-2017-0199 via malicious Excel files

Researchers have uncovered a surge in phishing attacks using Visio .vsdx files to evade security scans

This year’s Blue OLEx cyber-attack drill was hosted in Italy and benefited from the new EU-CyCLONe for the first time

The UK Regional Organised Crime Unit (ROCU) Network has urged the elderly to be on the lookout for scam texts offering a winter fuel subsidy

Swedish-Russian national Roman Sterlingov has been jailed for 12 years and six months for operating notorious cryptocurrency mixer Bitcoin Fog

South Korea warned that pro-Russian groups have attacked government and private sector websites following the deployment of North Korean soldiers in Ukraine

International energy solution provider Newpark Resources has confirmed it was hit by a ransomware attack that disrupted critical systems

SentinelLabs observed the North Korean group BlueNoroff targeting crypto firms via a multi-stage malware campaign which utilizes a novel persistence mechanism

Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities

Interlock employs both “big-game hunting” and double extortion tactics against its victims

An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised

TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada

The UK’s National Cyber Security Centre has released malvertising guidance for brands and their ad partners

CIISec report reveals the average wage for UK security professionals is now over £87,000

Trend Micro’s Robert McArdle says cybercriminals use of AI is far more limited than many realize, and pales in comparison to defenders' use of the technology