admin

Valve is bolstering the security of its Steamworks platform by introducing SMS verification for developers, aiming to prevent future incidents of hackers infiltrating developer accounts.  The move comes in response to previous breaches where malevolent actors compromised developers’ accounts and injected malware into various game builds. While these attacks, as confirmed by PC Gamer, impacted fewer

Vietnam-based cybercriminals are believed to be behind to attacks using DarkGate malware, which have targeted organizations in the UK, US and India since 2018. WithSecure researchers have tracked these attacks to an active cluster of cybercriminals using the Ducktail infostealer, which has been used in recent campaigns targeting Meta business accounts. The DarkGate and Ducktail

The use of AI chatbots and AI-enabled manipulation of information by malicious actors is a key threat ahead of the upcoming 2024 elections across the continent, according to the European Union Agency for Cybersecurity (ENISA). The 11th edition of ENISA’s Threat Landscape report, published on October 19, 2023, compiles cyber threats observed by the Agency

The Hoxhunt Challenge has unveiled alarming trends in employee susceptibility to phishing attacks, emphasizing the critical role of engagement in reducing human risk.  The study, published today and conducted in 38 organizations across nine industries and 125 countries, revealed that 22% of phishing attacks in the first weeks of October 2023 used QR codes to

Google has bolstered the security of Android devices with a significant update to Google Play Protect. According to the tech giant, this development is in response to the growing prevalence of cyber-threats targeting mobile devices. Google Play Protect is an existing security feature that scans approximately 125 billion apps daily for malware and unwanted software. 

Cybersecurity experts at Kaspersky have unveiled a covert and highly advanced espionage campaign, codenamed “TetrisPhantom.” The persistent operation has specifically targeted government institutions in the Asia-Pacific region (APAC), utilizing a unique method involving secure USB drives for data infiltration. Kaspersky’s findings are part of their latest quarterly APT threat landscape report. The clandestine campaign, which

Unpatched WS_FTP servers exposed to the internet have become prime targets for ransomware attacks, with threat actors exploiting a critical vulnerability.  Writing on Infosec Exchange last Thursday, Sophos X-Ops’ incident responders described an attempted ransomware attack by the self-proclaimed Reichsadler Cybercrime Group. The attack reportedly utilized a stolen LockBit 3.0 builder to create ransomware payloads. Despite Progress

A new vulnerability in the User Submitted Posts WordPress plugin (versions 20230902 and below) has been discovered by the Patchstack team. With over 20,000 active installations, this popular plugin is used for user-generated content submissions and is developed by Plugin Planet. The vulnerability, discussed by Patchstack security researcher Rafie Muhammad in an advisory published today,

Email security provider Cofense has discovered a new phishing campaign comprising over 800 emails and using LinkedIn Smart Links. The campaign was active between July and August 2023 and involved various subject themes, such as financial, document, security, and general notification lures, reaching users’ inboxes across multiple industries. The financial, manufacturing and energy sectors are

The UK’s financial regulator has fined Equifax Ltd. over £11m ($13.4m) for failing to protect UK consumer data stolen in the notorious 2017 data breach. The Financial Conduct Authority (FCA) announced the financial penalty on October 13, 2023. The FCA stated that Equifax’s UK business failed to take appropriate action to protect the personal data

CISO salary growth has slowed with 20% receiving no raise at all in 2023, according to a new study by IANS Research and Artico Search. The research found an average total compensation increase of 11% over the past 12 months. This represents a reduction of 14% from the previous year. The average base salary increase