Infosecurity News
China Suspected After Major MoD Payroll Breach
Reports claim state-backed hackers accessed sensitive personal and financial information on UK military personnel
RSAC: Antony Blinken Highlights Urgency in Securing Foundational Tech
US Secretary of State Antony Blinken said that the US and its allies must work together to ensure foundational technologies are used for the betterment of humanity
RSAC: Threat Actors Weaponize Hacktivism for Financial Gain
Recorded Future’s Alexander Leslie highlights the increasingly blurred lines between hacktivism, financial cybercrime and nation-state activities during the RSA Conference 2024
RSAC: Law Enforcement Takedowns Force Ransomware Affiliates to Diversify
A new Chainalysis report showed that recent law enforcement operations have pushed ransomware affiliates to increasingly use multiple strains in order to stay afloat
RSAC: 70% of Businesses Prioritize Innovation Over Security in Generative AI Projects
An IBM report found that most organizations are exposing themselves to security risks when implementing generative AI tools
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishing campaigns
Indonesia is a Spyware Haven, Amnesty International Finds
Amnesty International found in Indonesia a murky ecosystem of surveillance suppliers, brokers and resellers that obscures the sale and transfer of surveillance technology
Android Flaw Affected Apps With 4 Billion Installs
Microsoft illustrated the severity of the issue via a case study involving Xiaomi’s File Manager
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Sweden experienced a wave of DDoS attacks as the country was working towards joining NATO, Netscout found
Three-Quarters of CISOs Admit App Security Incidents
Dynatrace research claims global CISOs are concerned AI is driving advanced app security threats and poor developer practices
Security Breach Exposes Dropbox Sign Users
Attackers accessed emails, usernames, phone numbers, hashed passwords and authentication information
REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison
A US court has sentenced a Ukrainian national to 13 years and seven months in prison for his role in over 2500 ransomware attacks using the REvil strain
US and UK Warn of Disruptive Russian OT Attacks
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
LockBit, Black Basta, Play Dominate Ransomware in Q1 2024
The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action
UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA
Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing
1 in 5 US Ransomware Attacks Triggers Lawsuit
Comparitech found that 18% of ransomware incidents in the US led to a lawsuit in 2023, with 59% of completed lawsuits since 2018 proving successful
Lawsuits and Company Devaluations Await For Breached Firms
New report from Netwrix reveals unplanned expenses impact half of breached firms, including a surge in lawsuits
DBIR: Vulnerability Exploits Triple as Initial Access Point for Data Breaches
The growth of software supply chain attacks pushed vulnerability exploits to the third most used initial access method, Verizon found
Infosecurity Europe Keynote: Building Strong Teams and Driving Change with F1’s Claire Williams
Join Claire Williams at Infosecurity Europe to learn how F1 leadership strategies can inspire cybersecurity leaders
NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms
The UK’s National Cyber Security Centre claims its AMS model will protect firms from state-backed mobile threats
