Infosecurity News
Microsoft 365 Phishing Alert Can Be Hidden with CSS
Microsoft 365's anti-phishing tip can be hidden via CSS, as shown by Certitude's Moody and Ettlinger
CISA Releases Guide to Enhance Software Security Evaluations
The CISA guidance prioritizes product security alongside the manufacturer's enterprise security
#BHUSA: The Board Needs to Understand AI Deployment Risks
Boards need to understand where and why AI is being deployed within their organizations in order to mitigate risks
#BHUSA: DARPA's AI Cyber Challenge Heats Up as Healthcare Sector Watches
DARPA's AI Cyber Challenge is enlisting AI to fight software vulnerabilities, with the healthcare sector closely watching the semi-finals as a potential solution to rising cyber threats
UK Managers Improve Cyber Knowledge but Staff Lack Training
A new study from the Chartered Management Institute finds just half of firms offer regular security training
ICO Prepares £6m Fine for NHS Supplier Advanced
The UK’s ICO wants to fine NHS partner Advanced £6m for failures that led to a major ransomware breach
#BHUSA: 17.8m Phishing Emails Detected in First Half of 2024
Of the 17.8m phishing emails detected, 62% bypassed DMARC checks and 56% evaded all security layers
#BHUSA: Ransom Payments Surge, Organizations Pay Average of $2.5m
A new survey reveals that organizations are suffering an average of eight ransomware incidents per year and paying millions in ransom
CVEs Surge 30% in 2024, Only 0.91% Weaponized
Only 0.91% of vulnerabilities of the reported CVEs were weaponized, but represent the most severe risks
#BHUSA: 99% of Global 2000 Firms Have Recently Breached Vendors
SecurityScorecard claims almost all of the world’s biggest public companies are connected to a supply chain breach
Mobile Guardian Hack Leads to 13,000 Student Devices Wiped in Singapore
Singapore’s Ministry of Education ordered the removal of Mobile Guardian from students’ Chromebooks and iPads after a cybersecurity breach
French Museums Hit By Ransomware Attack
The Grand Palais is among French museums hit by ransomware attacks as the Paris 2024 Summer Olympic Games are underway
Police Recover Over $40m Headed to BEC Scammers
Interpol claims intervention saved one Singapore firm $42m stolen by scammers
#BHUSA: Nation-State Attacks Target Hardware Supply Chains
New report warns of escalating hardware supply chain attacks, with 19% of organizations impacted and nearly all IT leaders expecting nation-state involvement
Critical Vulnerability in Apache OFBiz Requires Immediate Patching
SonicWall discovered the Apache OFBiz flaw, identifying it as a critical issue enabling unauthenticated remote code execution
86% of Firms Identify Unknown Cyber-Risks as Top Concern
50% of professionals also cited a lack of expertise as a barrier to effective cyber-risk management
TikTok Withdraws Lite Rewards Program from EU Over Child Safety Fears
TikTok has committed to permanently withdraw the Lite Rewards program from the EU, after legal proceedings were launched relating to its risks to users, particularly children
White House and EC-Council Launch $15m Cybersecurity Scholarship Program
The White House and EC-Council scholarship program aims to train over 50,000 students in critical cybersecurity skills
US Sues TikTok For Children’s Law Violations
The US government is taking TikTok to court for alleged violations of the COPPA regulation
APT Group StormBamboo Attacks ISP Customers Via DNS Poisoning
Volexity claims the StormBamboo group compromised an ISP to push malicious software updates to customers
