Infosecurity News
White House to Tackle AI-Generated Sexual Abuse Images
White House issues new voluntary commitments to combat image-based sexual abuse in AI
Half of UK Firms Lack Basic Cybersecurity Skills
A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration testing and incident management are even more scarce
Advanced Phishing Attacks Put X Accounts at Risk
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter)
Apple to Drop Spyware Lawsuit Over Security Concerns
Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could be revealed to other spyware vendors
Meta Goes Ahead With Controversial AI Training in UK
Meta has unpaused a project to train AI on Facebook and Instagram posts, despite privacy concerns
23andMe Agrees to $30m Data Breach Settlement
Under-fire DNA testing firm 23andMe will pay $30m to settle class action lawsuit
UK Hosts International Cyber Skills Conference
Nations participating in the event include the US, Canada, EU countries, India, Japan, Singapore, Ghana and Oman
Malicious Actors Spreading False US Voter Registration Breach Claims
An FBI and CISA alert highlighted false claims of breaches of voter registration databases, designed to undermine confidence in US elections
Record $65m Settlement for Hacked Patient Photos
Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet
Microsoft Vows to Prevent Future CrowdStrike-Like Outages
Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage
Irish Data Protection Regulator to Investigate Google AI
Ireland’s Data Protection Commission launches inquiry into whether Google followed GDPR rules over AI model training
Schools Face Million-Dollar Bills as Ransomware Rises
Ransomware gangs are targeting schools and higher education, with victims facing soaring ransom and recovery costs
TfL Confirms Customer Data Breach, 17-Year-Old Suspect Arrested
TfL has revealed that some customer data was accessed in a recent cyber-attack, potentially including the bank details of 5000 people
Mastercard Acquires Global Threat Intelligence Firm Recorded Future for $2.65bn
Mastercard aims to strengthen its cybersecurity capabilities by acquiring Recorded Future, a leading provider of threat intelligence
Lazarus Group Targets Developers in Fresh VMConnect Campaign
Lazarus Group has been observed impersonating Capital One staff to lure developers into downloading malware on open source repositories
UK Recognizes Data Centers as Critical National Infrastructure
The UK government has classified data centers as critical infrastructure in a move to protect UK data from cyber-attacks and prevent major IT blackouts
Business Email Compromise Costs $55bn Over a Decade
New FBI data reveals BEC scams have cost businesses more than $55bn since 2013
Open Source Updates Have 75% Chance of Breaking Apps
Endor Labs claims security patches can break underlying open source software 75% of the time
Operational Technology Leaves Itself Open to Cyber-Attack
Excessive use of remote access tools is leaving operational technology devices vulnerable, with even basic security features missing
Gallup: Pollster Acts to Close Down Security Threat
As the US presidential election draws near, polling company Gallup acts to block XSS vulnerability
