Infosecurity News

  1. Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers

    In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine

  2. Eldorado Ransomware Strikes Windows and Linux Networks

    Group-IB also revealed the ransomware uses Chacha20 and RSA-OAEP for encryption

  3. Chinese State Actor APT40 Exploits N-Day Vulnerabilities “Within Hours”

    A joint government advisory warned that the Chinese state-sponsored actor APT40 is capable of immediately exploiting newly public vulnerabilities in widely used software

  4. Avast Provides DoNex Ransomware Decryptor to Victims

    Researchers at Avast found a flaw in the cryptographic schema of the DoNex ransomware and have been sending out decryptor keys to victims since March 2024

  5. Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection

    Study confirms most manufacturers with DMARC don’t have it configured to most secure policy

  6. Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak

    Tickets to Foo Fighters, Aerosmith, Pink and Usher gigs have been leaked by a threat actor trying to extort Ticketmaster

  7. New APT CloudSorcerer Malware Hits Russian Targets

    The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces

  8. Mekotio Trojan Targets Latin American Banking Credentials

    Trend Micro said the trojan has been observed masquerading as communications from tax agencies

  9. Cisco Warns regreSSHion Vulnerability Impacts Multiple Products

    Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated

  10. Russia Blocks VPN Services in Information Crackdown

    The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens

  11. Crypto Thefts Double to $1.4 Billion, TRM Labs Finds

    Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape

  12. 10 Billion Passwords Leaked on Hacking Forum

    A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises

  13. Vinted Fined €2.3m Over Data Protection Failure

    The Lithuanian data protection authority has imposed a fine of almost $2.5m on second-hand specialist Vinted for breaching GDPR

  14. EU Opens Applications for Cybersecurity and Digital Skills Funding

    The EU’s Digital Europe Programme (DEP) will provide over €210m in funding for cybersecurity and digital skills projects

  15. Europol Warns of Home Routing Challenges For Lawful Interception

    Law Enforcement Agencies can’t intercept communications without an agreement disabling PET in home routing

  16. Meta Faces Suspension of AI Data Training in Brazil

    The action comes in response to concerns over the company’s updated privacy policy

  17. Over $1bn in Cryptocurrency Lost to Web3 Cyber Incidents in 2024

    Certik observed the loss of $1.1bn worth of cryptocurrency across Web3 platforms in the first half of 2024, with phishing the most common vector

  18. Gamers' Data Exposed in RPG Platform Roll20 Breach

    Roll20 confirmed its administrative website account was accessed by a “bad actor,” leaving its users’ personal information exposed

  19. New Ransomware Group Phones Execs to Extort Payment

    Researchers claim the Volcano Demon ransomware group personally phone victims to pressure them into paying

  20. UK’s NCA Leads Major Cobalt Strike Takedown

    Global law enforcers have share intelligence leading to the takedown of hundreds of IP addresses hosting Cobalt Strike

Why Not Watch?

  1. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  2. Modernizing GRC: From Checkbox to Strategic Advantage

  3. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?