Infosecurity News

  1. Hacklink Marketplace Fuels Surge in Covert SEO Poisoning Attacks

    New SEO poisoning attacks identified, using Hacklink to hijack search rankings and inject malicious links into sites

  2. UK ICO Fines 23andMe £2.3m for Data Protection Failings

    23andMe has been fined over £2m by the UK ICO for failing to adequately protect genetic data

  3. Taiwan Hit by Sophisticated Phishing Campaign

    Phishing campaign targeting Taiwan has been identified, using tax-themed emails and malware like Winos and HoldingHands

  4. Chained Flaws in Enterprise CMS Provider Sitecore Could Allow Remote Code Execution

    WatchTowr has found three vulnerabilities in the Sitecore Experience Platform, used by HSBC and L’Oréal

  5. Microsoft Promises to Keep European Cloud Data in Europe

    Microsoft’s Sovereign Cloud solutions are designed to ensure European cloud data is stored and processed in Europe

  6. Brits Lose £106m to Romance Fraud in a Year

    New City of London Police data reveals British men and women lost over £100m to romance fraudsters in 2024

  7. Threat Actors Target Victims with HijackLoader and DeerStealer

    Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix

  8. Archetyp Market Shut Down in Europe-wide Law Enforcement Operation

    Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace

  9. Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus

    Nessus users should update patches as soon as possible

  10. Anubis Ransomware Adds File-Wiping Capability

    Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands

  11. Over a Third of Grafana Instances Exposed to XSS Flaw

    Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk

  12. WestJet Investigates Cyber-Attack Impacting Customers

    Canadian airline WestJet is investigating a cyber-attack that struck on June 13

  13. Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names

    Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system

  14. European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms

    This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware

  15. Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm

    A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool

  16. Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft

    Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email

  17. Palo Alto Networks Patches Series of Vulnerabilities

    The cybersecurity provider also implemented recent fixes in Chromium that affected its Prisma Access Browser

  18. NIST Publishes New Zero Trust Implementation Guidance

    The new NIST guidance sets out 19 example implementations of zero trust using commercial, off-the-shelf technologies

  19. Europol Says Criminal Demand for Data is “Skyrocketing”

    Europol warns of “vicious circle” of data breaches and cybercrime

  20. Phishing Alert as Erie Insurance Reveals Cyber “Event”

    Erie Insurance reveals suspected network breach and ongoing outage

Why not watch?

  1. Mastering Emerging Regulations: DORA, NIS2 and AI Act Compliance

  2. Reimagining the SOC: From Reactive to Resilient

  3. Mainframe Security: Identifying Threats, Vulnerabilities and Risk Mitigation Strategies

  4. Cybersecurity Employment: Making Sense of Conflicting Messaging

What’s hot on Infosecurity Magazine?