Infosecurity-magazine.com49m
watchTowr Finds New Zero-Day Vulnerability in Fortinet Products
The new vulnerability was named “FortiJump Higher” due to its similarity with the “FortiJump” vulnerability discovered in ...
Infosecurity-magazine.com3h
Ransomware Groups Use Cloud Services For Data Exfiltration
“In September 2024, modePUSH reported that the BianLian and Rhysida ransomware groups are now using Azure Storage Explorer to ...
Infosecurity-magazine.com4h
O2’s AI Granny Outsmarts Scam Callers with Knitting Tales
Telecommunications firm O2 has created a “human-like AI granny” to answer scam calls with the aim of keeping fraudsters on ...
Infosecurity-magazine.com23h
Massive Telecom Hack Exposes US Officials to Chinese Espionage
China-affiliated hackers have compromised US officials’ data through a large-scale hack on telecommunications providers, ...
Infosecurity-magazine.com20h
Sitting Ducks DNS Attacks Put Global Domains at Risk
Infoblox explained that the impact of Sitting Ducks attacks affects various groups: Organizations with hijacked domains ...
Infosecurity-magazine.com20h
Microsoft Power Pages Misconfiguration Leads to Data Exposure
Misconfigurations in Microsoft Power Pages granting excessive access permissions expose sensitive data, risking PII to ...
Infosecurity-magazine.com1d
NIS2 Directive: Everything EU Member States and Organizations Need to Know to Prepare and Comply
Understand how NIS2 requirements will affect those mandated industries, and what security providers can do to help them ...
Infosecurity-magazine.com1d
Bank of England U-turns on Vulnerability Disclosure Rules
The UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities ...
Infosecurity-magazine.com1d
API Security in Peril as 83% of Firms Suffer Incidents
Over 80% of UK organizations suffered an API security incident in the past year, with each costing over £400,000 ...
Infosecurity-magazine.com2d
Microsoft Fixes Four More Zero-Days in November Patch Tuesday
It’s been another busy Patch Tuesday for system administrators, with Microsoft releasing updates for nearly 100 ...
Infosecurity-magazine.com2d
TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware
A complex phishing campaign attributed to the Iranian-linked threat actor TA455, has been observed using sophisticated ...
Infosecurity-magazine.com1d
Lazarus Group Uses Extended Attributes for Code Smuggling in macOS
Lazarus APT has been found smuggling malware onto macOS devices using custom extended attributes, evading detection ...