Infosecurity News
#BHUSA: CISA Director Confident in US Election Security
CISA Director Jen Easterly expressed strong confidence in the integrity of US election, despite ongoing cybersecurity threats to democratic processes
#BHUSA: Ransomware Drill Targets Healthcare in Operation 911
A ransomware tabletop exercise was conducted against a fictious hospital, aiming to educate attendees of how to fight against such threats
SEC Investigation into Progress MOVEit Hack Ends Without Charges
After months of investigation, the SEC decided not to recommend any enforcement action against software provider Progress regarding the supply chain attack
Phishing Attack Exploits Google, WhatsApp to Steal Data
The LOTS attack uses trusted sites like Google Drawings and WhatsApp to trick users into sharing data
North Korea Kimsuky Launch Phishing Attacks on Universities
Kimsuky was observed phishing university staff to steal valuable research for North Korea
BlackSuit/Royal Ransomware Group Has Demanded $500m
CISA and FBI report claims the BlackSuit ransomware collective has extracted at least $500m from victims
Ethical Hackers Steal and Return $12m to Ronin Network
Hackers stole $12m in virtual currency from Ronin Network, which has previously suffered a massive $620m heist
#BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks
US cybersecurity officials warn that the recent CrowdStrike outage serves as a stark reminder of potential widespread disruptions from cyber-attacks
Ireland's DPC Takes Twitter to Court Over AI User Data Concerns
The Irish data protection watchdog accuses X Corp’s European subsidiary of breaching GDPR with Grok AI training
#BHUSA: New Ransomware Groups Emerge Despite Crackdowns
A surge in new ransomware groups is fueling the cybercrime epidemic as financial incentives outweigh risks for attackers, despite law enforcement efforts
Microsoft 365 Phishing Alert Can Be Hidden with CSS
Microsoft 365's anti-phishing tip can be hidden via CSS, as shown by Certitude's Moody and Ettlinger
CISA Releases Guide to Enhance Software Security Evaluations
The CISA guidance prioritizes product security alongside the manufacturer's enterprise security
#BHUSA: The Board Needs to Understand AI Deployment Risks
Boards need to understand where and why AI is being deployed within their organizations in order to mitigate risks
#BHUSA: DARPA's AI Cyber Challenge Heats Up as Healthcare Sector Watches
DARPA's AI Cyber Challenge is enlisting AI to fight software vulnerabilities, with the healthcare sector closely watching the semi-finals as a potential solution to rising cyber threats
UK Managers Improve Cyber Knowledge but Staff Lack Training
A new study from the Chartered Management Institute finds just half of firms offer regular security training
ICO Prepares £6m Fine for NHS Supplier Advanced
The UK’s ICO wants to fine NHS partner Advanced £6m for failures that led to a major ransomware breach
#BHUSA: 17.8m Phishing Emails Detected in First Half of 2024
Of the 17.8m phishing emails detected, 62% bypassed DMARC checks and 56% evaded all security layers
#BHUSA: Ransom Payments Surge, Organizations Pay Average of $2.5m
A new survey reveals that organizations are suffering an average of eight ransomware incidents per year and paying millions in ransom
CVEs Surge 30% in 2024, Only 0.91% Weaponized
Only 0.91% of vulnerabilities of the reported CVEs were weaponized, but represent the most severe risks
#BHUSA: 99% of Global 2000 Firms Have Recently Breached Vendors
SecurityScorecard claims almost all of the world’s biggest public companies are connected to a supply chain breach
