Infosecurity News

  1. North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns

    A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion

  2. Ransomware Gangs Linked by Shared Code and Ransom Notes

    SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure

  3. Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances

    Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment

  4. Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud

    Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams

  5. CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

    Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ

  6. Cisco Fixes Critical Vulnerability in Meeting Management

    The network equipment giant urged customers to patch immediately

  7. New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing

    Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security

  8. Trump Pardons Silk Road Founder Ulbricht

    President Trump has pardoned the founder of original dark web marketplace Silk Road

  9. PlushDaemon APT Targeted South Korean VPN Software

    PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign

  10. Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures

    Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA

  11. 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years

    New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years

  12. Ransomware Attacks Surge to Record High in December 2024

    NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded

  13. Major Cybersecurity Vendors' Credentials Found on Dark Web

    Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs

  14. Account Compromise and Phishing Top Healthcare Security Incidents

    Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year

  15. Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack

    Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack

  16. New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers

    Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally

  17. UK’s New Digital IDs Raise Security and Privacy Fears

    Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place

  18. Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks

    A CloudSEK report revealed Zendesk's platform can be exploited for phishing and investment scams

  19. GDPR Fines Total €1.2bn in 2024

    Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching €1.2bn

  20. Oracle To Address 320 Vulnerabilities in January Patch Update

    Critical flaws include those in Oracle Supply Chain products

What’s hot on Infosecurity Magazine?