#Infosec2025: Majority of Compromises Caused by Stolen Credentials, No MFA
Rapid7 found that 56% of all compromises in Q1 2025 resulted from the theft of valid account credentials with no MFA in place
Information Security Magazine
#Infosec2025: Channel Bridges Security Skills Gap
3 weeks 2 days ago
Resellers and channel partners can add value, fill gaps in security teams and offer expertise in niche markets
#Infosec2025: Good Cybersecurity Enabled Ukraine’s Surprise Attack on Russia, Says NCSC
3 weeks 2 days ago
Effective cybersecurity played a key role Ukraine drone attack on Russian strategic bombers, a leading government security expert has claimed
Trump Budget Plan to Cut Nearly 1000 Jobs at Cyber Agency CISA
3 weeks 2 days ago
CISA is facing $495m budget cut, losing 1000 employees and reducing staff to 2324
#Infosec2025: Demand More of Your Vendors to Ease Quantum Transition, Say Experts
3 weeks 2 days ago
CISOs should demand more of their vendors and use regulation as an ally to persuade board members to accelerate the transition to post-quantum safety
Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware
3 weeks 2 days ago
Malware campaign used fake DocuSign pages to deploy NetSupport RAT through clipboard manipulation
#Infosec2025: VEC Attacks Alarmingly Effective at Driving Engagement
3 weeks 2 days ago
Abnormal AI found that engagement rates with VEC attacks globally is “worrisomely high”, overtaking BEC in the EMEA region
#Infosec2025: Half of Firms Suffer Two Supply Chain Incidents in Past Year
3 weeks 2 days ago
Risk Ledger found that 90% of UK professionals view supply chain cyber incidents as a top concern for 2025
New Linux Vulnerabilities Expose Password Hashes via Core Dumps
3 weeks 3 days ago
Two local information disclosure flaws in Linux crash-reporting tools have been identified exposing system data to attackers
Sophisticated Malware Campaign Targets Windows and Linux Systems
3 weeks 3 days ago
A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft
Cryptojacking Campaign Targets DevOps Servers Including Nomad
3 weeks 3 days ago
Wiz finds new threat group running cryptojacking campaign via exploited and misconfigured DevOps assets
#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks in ‘Operation 999’
3 weeks 3 days ago
Semperis will host an immersive ransomware simulation focused on water utilities during Infosecurity Europe 2025
Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown
3 weeks 3 days ago
A report on the dark web marketplace Russian Market showed Acreed has emerged as the leading infostealer
Dutch Police Lead Shut Down of Counter AV Service AVCheck
3 weeks 3 days ago
Dutch, US and Finnish investigators have taken cybercrime service AVCheck offline
Mandatory Ransomware Payment Disclosure Begins in Australia
3 weeks 6 days ago
Australian firms with an annual turnover of AUS $3m are now required to report any payments to ransomware groups to authorities
US Banks Urge SEC to Repeal Cyber Disclosure Rule
3 weeks 6 days ago
Five major banking associations in the US claim the new SEC cyber incident disclosure rule puts a strain on their resources
FBI Flags Philippines Tech Company Behind Crypto Scam Infrastructure
3 weeks 6 days ago
The FBI provided details of Funnull’s malicious activities, selling infrastructure to criminal groups to facilitate cryptocurrency fraud in the US
UK MoD Launches New Cyber Warfare Command
3 weeks 6 days ago
The UK MoD has unveiled a new Cyber and Electromagnetic Command, which will focus on offensive cyber operations and “electromagnetic warfare” capabilities
CISA Urged to Enrich KEV Catalog with More Contextual Data
3 weeks 6 days ago
Security teams should use vulnerability context alongside KEV lists to prioritize patching, OX argued
ConnectWise Confirms Hack, “Very Small Number” of Customers Affected
4 weeks ago
The firm’s remote monitoring management tool, ScreenConnect, has reportedly been patched
Checked
11 hours 29 minutes ago