Infosecurity News
Chemical Facilities Warned of Possible Data Exfiltration Following CISA Breach
CISA has informed chemical facilities that its Chemical Security Assessment Tool (CSAT) was infiltrated by a malicious actor, and potentially exfiltrated sensitive data
US Bans Kaspersky Over Alleged Kremlin Links
Kaspersky “poses an undue or unacceptable risk to national security,” according to the US Commerce Department’s Bureau of Industry and Security
Synnovis Attackers Publish NHS Patient Data Online
Ransomware group Qilin has reportedly published nearly 400GB of data stolen following the attack on NHS provider Synnovis in early June
LockBit Most Prominent Ransomware Actor in May 2024
The LockBit ransomware group returned the fold to launch 176 attacks in May 2024 following a law enforcement takedown, NCC Group found
French Diplomatic Entities Targeted by Russian-Aligned Nobelium
The French cybersecurity agency has warned that Russian-aligned threat actor has been targeting public organizations for years
Crypto Firm Kraken Calls the Cops After Researchers Attempt “Extortion”
A cryptocurrency exchange claims to have been extorted after ‘researchers’ exploited a vulnerability to steal millions
Threat Actor Claims AMD and Apple Breaches
Notorious threat actor IntelBroker is claiming to have stolen data from Apple and AMD
Quishing Campaign Targets Chinese Citizens via Fake Official Documents
Cyber threat intelligence provider Cyble observed a new malicious QR code phishing campaign targeting Chinese citizens
Cybersecurity Burnout Costing Firms $700m+ Annually
Hack The Box research claims employee burnout could be costing hundreds of millions in lost productivity
G7 to Develop Cybersecurity Framework for Energy Sector
The G7 nations agree to develop a cybersecurity framework for key technologies used to operate electricity, oil and natural gas systems
CIISec Urges Employers to Target Young Talent in Gaming Centers
The Chartered Institute of Information Security has issued a new guide to help firms recruit more talent
92% of Organizations Hit by Credential Compromise from Social Engineering Attacks
A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023
Fake Meeting Software Spreads macOS Infostealer
Recorded Future has found that Vortax, a purported virtual meeting software, is actually malicious software spreading three information stealers
VMware Discloses Critical Vulnerabilities, Urges Immediate Remediation
VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, with patches available for customers
Quarter of Firms Suffer an API-Related Breach
Salt Security study finds 23% of organizations suffered a breach via production APIs in 2023
Report Reveals Record Exploitation Rate For Load Balancers
Action1 reveals cybercriminals are increasingly targeting NGINX and Citrix load balancers
Los Angeles Public Health Department Discloses Large Data Breach
Los Angeles County Department of Public Health revealed a data breach impacting more than 200,000 individuals, with personal, medical and financial data potentially stolen
Academics Develop Testing Benchmark for LLMs in Cyber Threat Intelligence
Researchers from the Rochester Institute of Technology introduced a benchmark designed to assess large language models’ performance in cyber threat intelligence applications
Meta Pauses European GenAI Development Over Privacy Concerns
Meta has delayed plans to train its LLMs using public content shared by adults on Facebook and Instagram following a request by Ireland’s data protection regulator
China Attempted Covert Military Drone Tie-Up With UK University – Report
New report reveals China’s attempts to access leading AI research for military purposes