Browsing: Threats and Vulnerabilities

New Wave of Phishing Attacks Exploits Microsoft Visio Files for Two-Step Credential Theft

ISB Staff ReporterNovember 12, 20243 Mins Read

Researchers at cybersecurity firm Perception Point have identified a new type of two-step phishing attack that exploits Microsoft Visio files…

JFrog Uncovers Critical Vulnerabilities in Machine Learning Platforms

Josh Breaker RolfeNovember 7, 20242 Mins Read

Software supply chain company JFrog revealed on Monday that it had discovered 22 software vulnerabilities across 15 machine learning-related open-source…

Google’s Big Sleep AI Tool Finds Zero-Day Vulnerability

Kirsten DoyleNovember 6, 20245 Mins Read

In a major breakthrough, Google’s AI-powered research tool, Big Sleep, discovered a vulnerability in SQLite, one of the most widely…

Advanced Variant of FakeCall Malware Targets Mobile Users with Sophisticated Vishing Attacks

Kirsten DoyleNovember 4, 20243 Mins Read

Mobile security company Zimperium’s zLabs team has uncovered an advanced variant of the FakeCall malware that employs “Vishing” (voice phishing)…

Microsoft Warns of Major Credential Theft by Chinese Hackers Via Covert Network Attacks

Kirsten DoyleNovember 4, 20244 Mins Read

Since August last year, Microsoft has identified a surge in intrusion activity with attackers using sophisticated password spray techniques to…

Redline Stealer Dominates: VIPRE’s Q3 Report Highlights Sophisticated BEC Tactics and Evolving Malware Trends

Dilki RathnayakeNovember 1, 20243 Mins Read

VIPRE Security Group’s Q3 2024 Email Threat Trends Report reveals the increasing sophistication of email-based threats, particularly business email compromise…

Malicious npm Packages Found to Distribute BeaverTail Malware

ISB Staff ReporterOctober 29, 20243 Mins Read

Three malicious packages uploaded to the npm registry were discovered to harbor BeaverTail, a JavaScript downloader and information stealer associated…

Cyware and ECS Partner to Enhance Government Cybersecurity with Advanced Threat Intel Exchange

ISB Staff ReporterOctober 29, 20242 Mins Read

Cyware, a provider of threat intelligence management and cyber fusion solutions, has teamed up with ECS, a player in technology…

US Energy Sector Faces Growing Cybersecurity Threats

Kirsten DoyleOctober 25, 20243 Mins Read

A recent cybersecurity report by SecurityScorecard and KPMG reveals that the US energy sector remains at high risk of cyber…

The Lazarus APT Strikes Again: New Zero-Day Exploit Targets Investors through DeFi Games

Kirsten DoyleOctober 24, 20243 Mins Read

In a new and sophisticated campaign, the infamous North Korean-affiliated Lazarus APT group and its BlueNoroff subgroup have once again…

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics