FTC Records 50% Drop in Nuisance Calls Since 2021
The US Federal Trade Commission is celebrating a halving of unwanted telemarketing and scam calls since 2021
Information Security Magazine
UK Shoppers Lost £11.5m Last Christmas, NCSC Warns
3 days ago
The UK’s National Cyber Security Centre is urging shoppers to stay safe this Christmas after revealing they lost £11.5m to fraudsters in 2023
Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors
5 days 18 hours ago
The security provider has elevated its warning about a vulnerability affecting firewall management interfaces after observing active exploitation
Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist
5 days 20 hours ago
Ilya Lichtenstein hacked into the cryptocurrency exchange in 2016 and stole around 120,000 bitcoins
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
5 days 21 hours ago
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in October
Ransomware Groups Use Cloud Services For Data Exfiltration
5 days 23 hours ago
SentinelOne described some of ransomware groups’ favorite techniques for targeting cloud services
O2’s AI Granny Outsmarts Scam Callers with Knitting Tales
6 days 1 hour ago
Sitting Ducks DNS Attacks Put Global Domains at Risk
6 days 16 hours ago
Over 1 million domains are vulnerable to “Sitting Ducks” attack, which exploits DNS misconfigurations
Microsoft Power Pages Misconfiguration Leads to Data Exposure
6 days 17 hours ago
Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to unauthorized users
Massive Telecom Hack Exposes US Officials to Chinese Espionage
6 days 20 hours ago
The FBI and CISA have confirmed that US officials’ private communications have been compromised
API Security in Peril as 83% of Firms Suffer Incidents
6 days 23 hours ago
Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000
Bank of England U-turns on Vulnerability Disclosure Rules
1 week ago
The UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities
Hive0145 Targets Europe with Advanced Strela Stealer Campaigns
1 week ago
Hive0145 is targeting Spain, Germany, Ukraine with Strela Stealer malware in invoice phishing tactic
AI Threat to Escalate in 2025, Google Cloud Warns
1 week ago
2025 could see our biggest AI fears materialize, according to a Google Cloud forecast report
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
1 week ago
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection
Amazon MOVEit Leaker Claims to Be Ethical Hacker
1 week ago
An individual who posted data allegedly stolen via MOVEit from Amazon and other big-name firms claims not to be malicious
Microsoft Fixes Four More Zero-Days in November Patch Tuesday
1 week 1 day ago
Microsoft has addressed four zero-day vulnerabilities this month, two of which have been exploited
TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware
1 week 1 day ago
The TA455 phishing campaign used fake job offers on LinkedIn to deploy malware
Phishing Tool GoIssue Targets Developers on GitHub
1 week 1 day ago
New phishing tool GoIssue targets GitHub, enabling mass phishing, and has been linked to the GitLoker extortion campaign
CISOs Turn to Indemnity Insurance as Breach Pressure Mounts
1 week 1 day ago
Panaseer claims 72% of security leaders are taking out personal indemnity insurance as board scrutiny increases
Checked
3 hours 54 minutes ago