Infosecurity News

  1. Data Privacy Week: US Data Breaches Surge, 2023 Sees 78% Increase in Compromises

    Over 350 million individuals were impacted by data breaches in the US in 2023 and 11% of all publicly traded companies have been compromised

  2. Southern Water Confirms Data Breach Following Black Basta Claims

    Southern Water confirmed a data breach had occurred after the Black Basta ransomware group purportedly published personal information held by the firm

  3. Pwn2Own Contest Unearths Dozens of Zero-Day Vulnerabilities

    The Zero Day Initiative’s first Pwn2Own Automotive competition has handed out over $1m for 24 zero-days

  4. HPE Says SolarWinds Hackers Accessed its Emails

    Hewlett Packard Enterprise reveals that Russian state APT29 hackers stole data from corporate mailboxes

  5. ChatGPT Cybercrime Surge Revealed in 3000 Dark Web Posts

    Kaspersky said cybercriminals are exploring schemes to implement ChatGPT in malware development

  6. Browser Phishing Threats Grew 198% Last Year

    Finding comes from Menlo Security’s recently released 2023 State of Browser Security Report

  7. Why Bulletproof Hosting is Key to Cybercrime-as-a-Service

    As a critical infrastructure service for cybercriminals, bulletproof hosting should be tracked and blocked by defenders, Intel471 argued in a new blog post

  8. X Makes Passkeys Available for US-Based Users

    X (formerly Twitter) has announced that passkeys are available as a login option for US-based users on iOS following a spate of high-profile account hijacks

  9. Exploit Code Released For Critical Fortra GoAnywhere Bug

    Researchers have released exploit code for a critical bug in managed file transfer software Fortra GoAnywhere

  10. AI Set to Supercharge Ransomware Threat, Says NCSC

    The National Cyber Security Centre claims in a new report that AI will increase volume and impact of ransomware attacks

  11. Malicious npm Packages Used to Target GitHub Developer SSH Keys

    ReversingLabs noted a 1300% surge in harmful open-source packages between 2020 and 2023

  12. Hackers Target Atlassian Confluence With RCE Exploits

    Shadowserver reported over 39,000 exploitation attempts from 600 unique IP addresses, mainly Russian

  13. New Cybersecurity Governance Code Puts Cyber Risks on Boardroom Agenda

    The UK government has published a draft code that aims to establish cybersecurity as a key focus for business leaders, on par with financial and legal risks

  14. French Watchdog Slams Amazon with €32m Fine for Spying on Workers

    The French CNIL has fined Amazon France Logistique $35m for an "excessively intrusive" surveillance system set up to monitor the performance of its staff

  15. Australia Sanctions Russian Hacker Behind Medibank Breach

    The Australian government has sanctioned Russian national Aleksandr Ermakov for his role in the Medibank data breach

  16. SEC Confirms SIM Swap Attack Behind X Account Takeover

    The Securities and Exchange Commission says hackers hijacked its X account in a SIM swap attack after MFA was disabled

  17. Mega-Breach Database Exposes 26 Billion Records

    A haul of 26 billion records found online was compiled from historic breaches

  18. LoanDepot Data Breach Hits 16.6 Million Customers

    The US loan giant confirmed 16.6 million customers had “sensitive personal” information stolen in a cyber-attack

  19. Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens

    Thailand’s data breaches fell in 2022-2023, but Resecurity is warning of rising cyber-threats

  20. New macOS Malware Targets Cracked Apps

    Kaspersky said the malware targeted macOS Ventura 13.6 and newer versions

What’s Hot on Infosecurity Magazine?