Kevin Poireault

London

Reporter at Infosecurity Magazine

Tech reporter @InfosecurityMag • @coupecircuit_ | 🌍⚽🥊

Featured in: Favicon

infosecurity-magazine.com Favicon

rfi.fr

lesinrocks.com Favicon

usinenouvelle.com Favicon

usine-digitale.fr Favicon

jeuneafrique.com Favicon

newsbreak.com Favicon

theafricareport.com Favicon

sifted.eu

msn.com + 2 more

Articles

#Infosec2025: Ransomware Drill to Spotlight Water Utility Cyber Risks

5 days ago | infosecurity-magazine.com | Kevin Poireault

In the face of growing geopolitical instability, critical infrastructure organizations face an unprecedented level of cyber threats, putting their operations, data and very existence at risk. Water utilities are prime targets, as our daily lives and activities are heavily reliant on water supplies and wastewater processes. The consequences of a breach could be catastrophic, disrupting essential services and potentially impacting public health.
Acreed Emerges as Dominant Infostealer Threat Following Lumma Takedown

5 days ago | infosecurity-magazine.com | Kevin Poireault

An infostealer strain known as ‘Acreed’ could become the new market leader in credential theft malware, according to ReliaQuest. The cybersecurity company’s threat research team investigated Russian Market, one of the most popular platforms for selling and buying stolen credentials on the dark web. Its report, published on June 2, showed that Lumma Stealer, also known as LummaC2, accounted for nearly 92% of Russian Market credential log alerts in the last quarter of 2024.
US Banks Urge SEC to Repeal Cyber Disclosure Rule

1 week ago | infosecurity-magazine.com | Kevin Poireault

The US banking industry is lobbying to rescind one of the US Securities and Exchange Commission’s (SEC) latest rules on cyber incident reporting. The group includes the American Bankers Association (ABA), the Bank Policy Institute (BPI), the Securities Industry and Financial Markets Association (SIFMA), the Independent Community Bankers of America (ICBA) and the Institute of International Bankers (IIB).
CISA Urged to Enrich KEV Catalog with More Contextual Data

1 week ago | infosecurity-magazine.com | Kevin Poireault

In a new report, application security provider OX urged the US Cybersecurity and Infrastructure Security Agency (CISA) to add more context to its Known Exploited Vulnerabilities (KEV) catalog. After analyzing 10 common vulnerabilities (CVEs) in CISA’s KEV list across over 200 cloud environments, the OX researchers found that none posed any actual risks to cloud containerized environments.
ConnectWise Confirms Hack, “Very Small Number” of Customers Affected

1 week ago | infosecurity-magazine.com | Kevin Poireault

ConnectWise, the developer of remote access and support software ScreenConnect, has confirmed it was targeted by a cyber-attack from a nation-state threat actor. In a message sent to Infosecurity, a ConnectWise spokesperson said, “We recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation-state actor, which affected a very small number of ScreenConnect customers.”The firm did not provide any details on the intrusion.
Thousands of ASUS Routers Hijacked in Stealthy Backdoor Campaign

1 week ago | infosecurity-magazine.com | Kevin Poireault

Hackers have gained unauthorized, persistent access to about 9000 ASUS routers in an ongoing exploitation campaign, according to cyber intelligence firm GreyNoise. Unlike typical malware attacks, the attackers maintain long-term access without dropping malware or leaving traces. Instead, the operation uses the routers’ own legitimate features to create persistent backdoors that survive firmware updates and reboots.
Ivanti Vulnerability Exploit Could Expose UK NHS Data

1 week ago | infosecurity-magazine.com | Kevin Poireault

Two healthcare organizations in the UK are said to be among the victims of a malicious campaign involving the exploitation of a vulnerability linked to cybersecurity hardware provider Ivanti. According to Netherlands-based cybersecurity company EclecticIQ, threat actors have attempted to exploit a vulnerability in Ivanti Endpoint Manager Mobile (EPMM).
Czech Republic Accuses China of Government Hack

1 week ago | infosecurity-magazine.com | Kevin Poireault

The Czech Republic has accused the Chinese government of being behind a malicious cyber campaign which targeted the Czech Ministry of Foreign Affairs. In a public statement issued on May 28, Czech authorities said Beijing had sponsored cyberespionage actor APT31 to conduct the campaign and target one of the unclassified networks of the Ministry of Foreign Affairs.
Vietnam-Nexus Hackers Distribute Malware Via Fake AI Video Generators

1 week ago | infosecurity-magazine.com | Kevin Poireault

A hacking group allegedly from Vietnam has been leveraging social media ads promoting generative AI tools to distribute malware since at least mid-2024, according to Google Cloud-owned Mandiant. On May 27, Google Cloud released a new report detailing the findings of a Mandiant Threat Defense investigation initiated in November 2024.
US Government Launches Audit of NIST’s National Vulnerability Database

1 week ago | infosecurity-magazine.com | Kevin Poireault

The US government has begun an audit of its National Vulnerability Database (NVD) to ensure its team can catch up with the vulnerability backlog. In a May 20 memo, the US Department of Commerce’s Office (DoC) of Inspector General announced plans to conduct an audit of the National Institute of Standards and Technology (NIST) regarding its oversight of the NVD.