Infosecurity News
Security Detection Tech Failing, Say Cyber Leaders in Regulated Industries
A new Everfox survey shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cyber threats to preventing them
Microsoft Fixes Another Two Actively Exploited Zero-Days
February Patch Tuesday sees Microsoft fix four zero-days, including two under active exploitation
US, UK and Australia Sanction Russian Bulletproof Hoster Zservers
The US and its allies have sanctioned Russian bulletproof hoster Zservers for abetting ransomware attacks
Alabama Hacker Admits Role in SEC X Account Breach
An Alabama man has admitted hacking into the US Security and Exchange Commission’s X account using SIM swap fraud to gain access
New Chinese Hacking Campaign Targets Manufacturing Firms to Steal IP
Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks
DDoS Attack Volume and Magnitude Continues to Soar
Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique
Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks
Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress
8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand
Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group
Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit
Apple has patched a zero-day vulnerability being exploited in targeted attacks
OpenAI Was Not Breached, Say Researchers
Kela researchers explain that infostealers are to blame for compromised OpenAI logins
BadIIS Malware Exploits IIS Servers for SEO Fraud
Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects
Georgia Hospital Alerts 120,000 Individuals of Data Breach
Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November
US: Man Gets 20 Years for $37m Crypto Heist
A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies
UK Military Fast-Tracks Cybersecurity Recruitment
The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000
Experts Dismayed at UK’s Apple Decryption Demands
Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service
Europol Warns Financial Sector of “Imminent” Quantum Threat
Europol has urged the financial sector to prioritize quantum-safe cryptography
Most UK GDPR Enforcement Actions Targeted Public Sector in 2024
27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting
Malicious AI Models on Hugging Face Exploit Novel Attack Technique
The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models
Third-Party Risk Management Failures Expose UK Finance Sector
Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies
Cybercriminals Weaponize Graphics Files in Phishing Attacks
Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections