Infosecurity News

  1. FBI and CISA Assure Public on Election Ransomware Security

    The FBI and CISA said ransomware on local networks may cause delays but won't impact voting system integrity

  2. New Tool Xeon Sender Enables Large-Scale SMS Spam Attacks

    Xeon Sender features SMS spam via APIs, Nexmo/Twilio credentials validation and phone number generation

  3. Microsoft Apps for macOS Exposed to Library Injection Attacks

    Cisco Talos researchers found a flaw in eight Microsoft apps for macOS that could enable library injection attacks, putting sensitive data at risk

  4. Ransomware Resilience Drives Down Cyber Insurance Claims

    Cyber insurance claims in the UK have fallen by over a third between 2022 and 2024 as businesses refuse ransom payments

  5. NCSC Opens Cyber Resilience Audit Scheme to Applicants

    The UK’s National Cyber Security Centre wants prospective auditors to check compliance with its Cyber Assessment Framework

  6. Unicoin Staff Locked Out of G-Suite in Mystery Attack

    Employees at crypto firm Unicoin couldn’t access Google services for four days during a recent breach

  7. US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers

    Two Congressmen fear that the Chinese government might use TP-Link Wi-Fi routers to deploy hacking and espionage campaigns in the US

  8. Microsoft Mandates MFA for All Azure Sign-Ins

    Microsoft is mandating MFA for all Azure sign-ins, with customers given 60-day advance notices to start implementation

  9. Florida-Based National Public Data Confirms Data Breach

    The US data broker did not address the threat actor’s claim that the breach concerns 2.9 billion records

  10. Geopolitical Tensions Drive Explosion in DDoS Attacks

    Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions

  11. Cyber-criminals Exploited Paris Olympics With Fake Domains

    166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting

  12. Advanced ValleyRAT Campaign Hits Windows Users in China

    Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems

  13. Russia's FSB Behind Massive Phishing Espionage Campaign

    Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group

  14. Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

    Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

  15. Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

    Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign

  16. SolarWinds Urges Upgrade After Revealing Critical RCE Bug

    SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk

  17. New Phishing Attack Uses Sophisticated Infostealer Malware

    The phishing attack uses infostealer malware to target saved passwords, credit cards & Bitcoin info

  18. Manufacturing Firm Loses $60m in BEC Scam

    Manufacturing firm Orion revealed it has lost $60m in a business email compromise (BEC) scam, which targeted a non-executive employee

  19. Research Uncovers New Microsoft Outlook Vulnerability

    CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103

  20. High-Risk Cloud Exposures Surge Due to Rapid Service Growth

    Firms are introducing 300 services monthly, contributing to 32% of high or critical cloud exposures

Why Not Watch?

  1. How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

  2. Financial Services Under Pressure: Supply Chain Risk, Regulation and Operational Resilience

  3. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  4. How Trusted Time Strengthens Network Security

What’s Hot on Infosecurity Magazine?