Infosecurity News

  1. Four Charged in Connection With $80m Pig Butchering Scheme

    Four men have been charged with money laundering offenses linked to a major pig butchering operation

  2. UK Plans Tough New Security Rules For Datacenters

    The British government is proposing minimum mandatory requirements for datacenter security and resilience

  3. Over 45,000 Employees Hit By Nuclear Research Lab Breach

    Idaho National Laboratory says 45,000 employees had personal information compromised in data breach

  4. Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

    The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023

  5. Approval Phishing Scams Drain $1bn of Cryptocurrency from Victims

    Romance scammers have used the technique to great effect in recent years

  6. Vulnerabilities Now Top Initial Access Route For Ransomware

    More ransomware attacks now start with vulnerability exploitation than phishing, says Corvus Insurance

  7. GambleForce Group Targets Websites With SQL Injection

    Group-IB warns of new threat actor GambleForce, which uses SQL injection attacks to steal data from websites

  8. Microsoft Targets Prolific Outlook Fraudster Storm-1152

    Microsoft disrupts Vietnam based threat group Storm-1152, which has sold 750 million fake accounts

  9. MITRE Launches Critical Infrastructure Threat Model Framework

    MITRE’s EMB3D provides industrial manufacturers with a shared understanding to mitigate cyber threats

  10. Russia Set to Ramp Up Attacks on Ukraine’s Allies This Winter

    Russian cyber campaigns aim to disrupt Western allies’ ability and motivation to support Ukraine’s war effort

  11. UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared

    A UK parliament report found that large swathes of critical national infrastructure are vulnerable to ransomware

  12. Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday

    Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw

  13. UK Ministry of Defence Fined For Afghan Data Breach

    The ICO has fined the Ministry of Defence after an email data breach put lives in danger

  14. Ukraine Claims it “Paralyzed” Russia’s Tax System

    Ukrainian Ministry of Defense says cyber-attack wiped Russian tax system servers

  15. Widespread Security Flaws Blamed for Northern Ireland Police Data Breach

    An independent review of the August 2023 PSNI data breach found major security failings in the police department’s IT systems

  16. Ukraine's Largest Phone Operator Hack Tied to War With Russia

    Kyivstar announced its mobile network had temporarily been shut down due to a major cyber-attack on its systems

  17. Threat Actor Targets Recruiters With Malware

    Recruiters are urged to educate staff about a surge in phishing attacks from threat group TA4557

  18. Backup Migration WordPress Plugin Flaw Impacts 90,000 Sites

    Users of popular WordPress plugin Backup Migration are urged to patch a new critical vulnerability

  19. Apache Warns of Critical Vulnerability in Struts 2

    Users are urged to patch critical vulnerability in Apache Struts 2 immediately

  20. Lazarus Group Targets Log4Shell Flaw Via Telegram Bots

    Cisco Talos said Operation Blacksmith leveraged the flaw in publicly facing VMWare Horizon servers

Why Not Watch?

  1. Mastering AI Security With ISACA’s New AAISM Certification

  2. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?