Infosecurity News
Social Media Firms Fail to Protect Children’s Privacy, Says ICO
The UK’s ICO has identified children’s privacy concerns in 11 social media and video sharing platforms, warning of regulatory action if these issues are not addressed
EPA Told to Address Cyber Risks to Water Systems
The US Government Accountability Office has told the Environmental Protection Agency to urgently develop a strategy to tackle rising cyber-threats to the water industry
NCSC Unveils Advanced Cyber Defence 2.0 to Combat Evolving Threats
The UK's NCSC is launching ACD 2.0, an advanced suite of cybersecurity tools and services designed to protect businesses from evolving cyber threats
Gaming Industry Faces 94% Surge in DDoS Attacks
The rise in DDOS attacks against the gaming industry is accompanied by increasing bot activity
Scam Platform Shut Down by UK Authorities After 1.8 Million Fraudulent Calls
UK authorities shut down a scam platform responsible for over 1.3 million calls to 500,000 victims, resulting in millions of pounds in losses
RansomEXX Group Targets Indian Banking With New Tactics
CloudSek said the RansomEXX breach occurred via a misconfigured Jenkins server at Brontoo Technology
Cencora Confirms Patient Data Stolen in Cyber-Attack
Pharma company Cencora confirmed in an updated SEC filing that sensitive personal and health data was exfiltrated by attackers in a February 2024 incident
E-Commerce Fraud Campaign Uses 600+ Fake Sites
The “Eriakos” info-stealing campaign is using hundreds of fake web shops to defraud victims
BEC Attacks Surge 20% Annually Thanks to AI Tooling
A Vipre study reveals a 20% increase in business email compromise attacks
Urgent Blood Appeal Issued in US After Ransomware Attack
US non-profit OneBlood has issued an urgent appeal for donations after a ransomware attack has significantly reduced its capacity to distribute blood to hospitals
New SMS Stealer Malware Targets Over 600 Global Brands
Discovered by Zimperium’s zLabs team, the SMS Stealer malware was found in over 105,000 samples
Meta to Pay Texas $1.4bn for Unlawful Biometric Data Capture
Meta has agreed a $1.4bn settlement with the State of Texas for failing to inform Facebook users about its biometric data capturing practices
New PyPI Package Zlibxjson Steals Discord, Browser Data
According to Fortinet, PyPI package Zlibxjson steals Discord tokens and browser data, including passwords and extensive user information
DDoS Attack Triggers New Microsoft Global Outage
A global outage of Microsoft services was triggered by a DDoS attack, with an error Microsoft’s DDoS protection measures amplifying the impact
Cost of a Data Breach Surges 10% on Shadow Data Challenge
IBM reveals a 10% increase in the global cost of a data breach to $4.9m
Researchers Uncover Largest Ever Ransomware Payment of $75m
Zscaler warns of copycat attacks after revealing one ransomware victim paid $75m
Sophisticated Phishing Campaign Targets Microsoft OneDrive Users
The OneDrive campaign uses social engineering to trick users into executing a PowerShell script
Stolen GenAI Accounts Flood Dark Web With 400 Daily Listings
According to eSentire, around 400 GenAI account logins are sold daily on the dark web, including credentials for GPT, Quillbot, Notion and Replit
ICO Slams Electoral Commission for Basic Security Failings
The ICO found that the Electoral Commission did not have appropriate security measures in place, allowing hackers to access the personal details of 40 million UK voters
Just One in 10 Attacks Flagged By Security Tools
Picus Security claims just 12% of simulated attacks trigger an alert
