Infosecurity News
Avast Faces $16.5m Fine for Unlawfully Selling User Browsing Data
The FTC order found that Avast sold browsing data to advertisers that could reveal highly sensitive insights about users, misleading them about privacy protections in the process
NCSC to Offer Cyber Governance Guidance to Boards
The UK’s National Cyber Security Centre is preparing a new cyber governance training pack for boards
U-Haul Informs Customers of Major Data Breach
Moving giant U-Haul has revealed that 67,000 customers were caught in a data breach last year
Operation Cronos: Who Are the LockBit Admins?
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp
ICO Bans Serco Leisure's Use of Facial Recognition for Employee Attendance
The UK’s ICO has ruled Serco Leisure’s use facial recognition technology and fingerprint scanning to monitor employee attendance is in breach of data protection law
78% of Organizations Suffer Repeat Ransomware Attacks After Paying
Cybereason found that 78% of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor
SMBs at Risk From SendGrid-Focused Phishing Tactics
Kaspersky explained the fraudulent emails prompted recipients to enable two-factor authentication
Change Healthcare Cyber-Attack Leads to Prescription Delays
The incident has impacted numerous Change Healthcare applications, including pharmacy, medical records
Russian-Aligned Network Doppelgänger Targets German Elections
SentinelLabs and ClearSky said the group leverage a substantial network of social media accounts
OWASP Releases Security Checklist for Generative AI Deployment
The OWASP Foundation provides new guidelines to deploy secure-by-design LLM use cases
Cyber Pros Embrace AI, Over 80% Believe It Will Enhance Jobs
ISC2 found that 82% of cybersecurity professionals believe AI will improve the efficiency of their jobs
Chinese Duo Found Guilty of $3m Apple Fraud Plot
Two Maryland residents have been convicted of a multimillion-dollar fraud scheme against Apple
Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited
Researchers warn of a “ransomware free-for-all” after ScreenConnect vulnerability is exploited
Businesses Increase Cybersecurity as Budgets Surge in 2024
Over two-thirds of IT decision-makers increase cybersecurity budgets in 2024, prioritizing cloud security and incident response as cyber threats escalate
Over 40% of Firms Struggle With Cybersecurity Talent Shortage
Kaspersky’s recent report said the shortage is particularly acute in Europe, Russia and Latin America
Biden Executive Order to Bolster US Maritime Cybersecurity
The White House Executive Order will give new powers to the US Coast Guard to manage cyber threats in ports and issue cybersecurity standards
Exclusive: eSentire Confirms Rhysida Ransomware Victims
Since emerging in May 2023, the group claims to have victimized 77 companies and public institutions
IBM: Identity Compromises Surge as Top Initial Access Method for Cybercriminals
Compromising valid identities became the top initial access vector in 2023 while phishing dropped to second place, IBM found in a new report
Russian Hackers Launch Email Campaigns to Demoralize Ukrainians
ESET researchers reveal a Russian threat actor has targeted Ukrainian citizens with PYSOPs messages warning of impacts such as food and medicine shortages from the war
NCSC Sounds Alarm Over Private Branch Exchange Attacks
The UK’s National Cyber Security Centre has produced new guidance for smaller firms on PBX attacks
