Information Security Magazine

Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption

Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds

Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider

Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting

BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak

Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption

Fake job ads target freelance developers, spreading malware via GitHub

A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America

Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report

Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024

Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances

CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware

A flaw in the Jupiter X Core plugin has been identified, allowing upload of malicious SVG files and remote code execution on vulnerable servers

Finastra notifies customers of data breach that took place more than three months ago, impacting sensitive financial information

Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party

The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead

Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack

Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine

Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials

Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks