Infosecurity News

  1. Iranian Fuel Supplies Crippled By Cyber-Attack

    Iranian minister confirms cyber-attack was cause of widespread disruption at petrol stations

  2. MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

    Unauthorized actors breached health data, including details related to dental procedures and claims

  3. QakBot’s Low-Volume Resurgence Targets Hospitality

    Researchers observed malicious files advancing through email, PDF, URL and MSI

  4. ALPHV Second Most Prominent Ransomware Strain Before Reported Downtime

    The group was second behind only LockBit in attacks targeting North America and Europe between January 2022 and October 2023

  5. Insurer’s UK Honeypots Attacked 17 Million Times Per Day

    RDP is singled out as insurer Coalition records 17 million cyber-attacks per day in the UK in 2023

  6. MongoDB Investigates Customer Account Data Breach

    Data platform provider MongoDB has discovered a data breach impacting customers

  7. Technology Manufacturers Urged to Eliminate Passwords

    New CISA document promotes secure-by-design shift to ditch default password use

  8. Four Charged in Connection With $80m Pig Butchering Scheme

    Four men have been charged with money laundering offenses linked to a major pig butchering operation

  9. UK Plans Tough New Security Rules For Datacenters

    The British government is proposing minimum mandatory requirements for datacenter security and resilience

  10. Over 45,000 Employees Hit By Nuclear Research Lab Breach

    Idaho National Laboratory says 45,000 employees had personal information compromised in data breach

  11. Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

    The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023

  12. Approval Phishing Scams Drain $1bn of Cryptocurrency from Victims

    Romance scammers have used the technique to great effect in recent years

  13. Vulnerabilities Now Top Initial Access Route For Ransomware

    More ransomware attacks now start with vulnerability exploitation than phishing, says Corvus Insurance

  14. GambleForce Group Targets Websites With SQL Injection

    Group-IB warns of new threat actor GambleForce, which uses SQL injection attacks to steal data from websites

  15. Microsoft Targets Prolific Outlook Fraudster Storm-1152

    Microsoft disrupts Vietnam based threat group Storm-1152, which has sold 750 million fake accounts

  16. MITRE Launches Critical Infrastructure Threat Model Framework

    MITRE’s EMB3D provides industrial manufacturers with a shared understanding to mitigate cyber threats

  17. Russia Set to Ramp Up Attacks on Ukraine’s Allies This Winter

    Russian cyber campaigns aim to disrupt Western allies’ ability and motivation to support Ukraine’s war effort

  18. UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared

    A UK parliament report found that large swathes of critical national infrastructure are vulnerable to ransomware

  19. Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday

    Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw

  20. UK Ministry of Defence Fined For Afghan Data Breach

    The ICO has fined the Ministry of Defence after an email data breach put lives in danger

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. Mastering AI Security With ISACA’s New AAISM Certification

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Modernizing GRC: From Checkbox to Strategic Advantage

What’s Hot on Infosecurity Magazine?