Infosecurity News
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
CrowdStrike has acknowledged the claims by the USDoD hacktivist group, which has provided a link to download the alleged threat actor list on a cybercrime forum
Despite Bans, AI Code Tools Widespread in Organizations
Despite bans on AI code generation tools, widespread use and lack of governance are creating significant security risks for organizations
North Korean Hackers Target Critical Infrastructure for Military Gain
A joint advisory by the UK, US and South Korea have warned of a global espionage campaign by a North Korea threat actor, Andariel, targeting CNI organizations
Ransomware and BEC Make Up 60% of Cyber Incidents
Cisco Talos found that ransomware and BEC accounted for 60% of all cyber incidents in Q2 2024, with ransomware rising by 22% compared to Q1
Malware Attacks Surge 30% in First Half of 2024
SonicWall observed a surge in malware attacks in H1 2024, with strains becoming more adept at defense evasion
Most IT Leaders Say Severity of Cyber-Attacks has Increased
Appsbroker CTS found that nine in 10 IT leaders believe the severity of cyber-attacks has increased over the past year
CrowdStrike Shares How a Rapid Response Content Update Caused Global Outage
CrowdStrike has published a preliminary Post Incident Review into the global IT outage on July 19, revealing the issue came from a Rapid Response Content update
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
KnowBe4 revealed it was duped into hiring a fake IT worker from North Korea resulting in attempted insider threat activity
Google Criticized for Abandoning Cookie Phase-Out
Google’s decision to abandon the phase out of third-party cookies on Chrome has been criticized, with the tech giant accused of neglecting user privacy
Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS
Symantec said Chinese espionage group Daggerfly has updated its malware toolkit as it looks to target Windows, Linux, macOS and Android operating systems
Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine
A new report published by RUSI highlighted how Russia’s intelligence services have adapted their cybersecurity strategy to the demands of a long war in Ukraine
Prolific DDoS Marketplace Shut Down by UK Law Enforcement
The UK’s National Crime Agency has infiltrated the DigitalStress marketplace, which offers DDoS capabilities
Play Ransomware Expands to Target VMWare ESXi Environments
Trend Micro also revealed a connection between the Play ransomware group and the threat actor Prolific Puma
Ransomware Groups Fragment Amid Rising Cybercrime Threats
Europol also said that multi-layered extortion tactics in ransomware are becoming more common
Cybercriminals Exploit CrowdStrike Outage Chaos
Cybercriminals have launched phishing campaigns purporting to support organizations impacted by the global IT outage, caused by a CrowdStrike Falcon issue
Two Russians Convicted for Role in LockBit Attacks
Two Russian nationals have pleaded guilty to charges relating to their participation in the LockBit ransomware gang
Sunburst: US Judge Dismisses Most SEC Charges Against SolarWinds
The SEC allegations against SolarWinds and its CISO over statements made after the 2020 ‘Sunburst’ hack were based on "hindsight and speculation,” said the judge
CrowdStrike Fault Causes Global IT Outages
An issue related to an update to CrowdStrike’s security platform Falcon Sensor has impacted Microsoft Windows Operating Systems, causing global IT outages
SAP AI Core Flaws Expose Sensitive Customer Data and Keys
All SAP AI Core vulnerabilities were reported to SAP by Wiz and have since been fixed
HotPage Malware Hijacks Browsers With Signed Microsoft Driver
HotPage manipulates browser traffic by hooking into network-based Windows API functions
