One Deepfake Digital Identity Attack Strikes Every Five Minutes Information Security Magazine 1 week ago Entrust claims deepfakes are driving a surge in digital identity fraud
Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks Information Security Magazine 1 week ago Ransomware groups are targeting weekends and holidays to exploit understaffed security teams in order to get the best chance of a pay day
CISA Chief Jen Easterly Set to Step Down on January 20 Information Security Magazine 1 week 1 day ago Easterly and her Deputy Director Nitin Natarajan are expected to leave office before President-elect Trump names a new leadership
T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms Information Security Magazine 1 week 1 day ago T-Mobile was hit by Salt Typhoon, a Chinese cyber-espionage group targeting US and global telecom firms
Helldown Ransomware Expands to Target VMware and Linux Systems Information Security Magazine 1 week 1 day ago Helldown ransomware has expanded its reach to target Linux and VMware systems, exploiting Zyxel firewall vulnerabilities and exfiltrating data
Palo Alto Networks Patches Critical Firewall Vulnerability Information Security Magazine 1 week 1 day ago Palo Alto advised users to patch urgently as the vulnerability is critical and actively exploited in the wild
Ransomware Gangs on Recruitment Drive for Pen Testers Information Security Magazine 1 week 1 day ago Ransomware groups are recruiting pen testers from the dark web to expand their operations, as revealed by Cato Network's Q3 2024 SASE Threat Report
Suspected Phobos Ransomware Admin Extradited to US Information Security Magazine 1 week 1 day ago A Russian national suspected of involvement in Phobos ransomware has appeared in court in the US
Companies Take Over Seven Months to Recover From Cyber Incidents Information Security Magazine 1 week 1 day ago Fastly claims global organizations are taking 25% longer than expected to recover from security incidents
Swiss Cyber Agency Warns of QR Code Malware in Mail Scam Information Security Magazine 1 week 2 days ago Switzerland’s National Cyber Security Centre has warned of a new QR code scam in fake MeteoSwiss letters spreading Android malware
‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise Information Security Magazine 1 week 2 days ago Proofpoint researchers have observed the growing use of the ClickFix social engineering tactic, which lures people into running malicious content on their computer
Fake Donald Trump Assassination Story Used in Phishing Scam Information Security Magazine 1 week 2 days ago A phishing email claims to be from the New York Times with a story about an assassination attempt against President-elect Donald Trump
Surge in DocuSign Phishing Attacks Target US State Contractors Information Security Magazine 1 week 2 days ago Phishing attacks using DocuSign impersonations targeting state agencies have surged 98% since Nov 8
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign Information Security Magazine 1 week 2 days ago BeaverTail malware has been used to target tech job seekers through fake recruiters, Palo Alto Networks’ Unit 42 has found
FTC Records 50% Drop in Nuisance Calls Since 2021 Information Security Magazine 1 week 2 days ago The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021
UK Shoppers Lost £11.5m Last Christmas, NCSC Warns Information Security Magazine 1 week 2 days ago The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023
Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors Information Security Magazine 1 week 5 days ago The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation
Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist Information Security Magazine 1 week 5 days ago Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products Information Security Magazine 1 week 5 days ago The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October
Ransomware Groups Use Cloud Services For Data Exfiltration Information Security Magazine 1 week 5 days ago SentinelOne described some of ransomware groups’ favorite techniques for targeting cloud services