Infosecurity News

  1. MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed

    Unauthorized actors breached health data, including details related to dental procedures and claims

  2. QakBot’s Low-Volume Resurgence Targets Hospitality

    Researchers observed malicious files advancing through email, PDF, URL and MSI

  3. ALPHV Second Most Prominent Ransomware Strain Before Reported Downtime

    The group was second behind only LockBit in attacks targeting North America and Europe between January 2022 and October 2023

  4. Insurer’s UK Honeypots Attacked 17 Million Times Per Day

    RDP is singled out as insurer Coalition records 17 million cyber-attacks per day in the UK in 2023

  5. MongoDB Investigates Customer Account Data Breach

    Data platform provider MongoDB has discovered a data breach impacting customers

  6. Technology Manufacturers Urged to Eliminate Passwords

    New CISA document promotes secure-by-design shift to ditch default password use

  7. Four Charged in Connection With $80m Pig Butchering Scheme

    Four men have been charged with money laundering offenses linked to a major pig butchering operation

  8. UK Plans Tough New Security Rules For Datacenters

    The British government is proposing minimum mandatory requirements for datacenter security and resilience

  9. Over 45,000 Employees Hit By Nuclear Research Lab Breach

    Idaho National Laboratory says 45,000 employees had personal information compromised in data breach

  10. Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

    The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023

  11. Approval Phishing Scams Drain $1bn of Cryptocurrency from Victims

    Romance scammers have used the technique to great effect in recent years

  12. Vulnerabilities Now Top Initial Access Route For Ransomware

    More ransomware attacks now start with vulnerability exploitation than phishing, says Corvus Insurance

  13. GambleForce Group Targets Websites With SQL Injection

    Group-IB warns of new threat actor GambleForce, which uses SQL injection attacks to steal data from websites

  14. Microsoft Targets Prolific Outlook Fraudster Storm-1152

    Microsoft disrupts Vietnam based threat group Storm-1152, which has sold 750 million fake accounts

  15. MITRE Launches Critical Infrastructure Threat Model Framework

    MITRE’s EMB3D provides industrial manufacturers with a shared understanding to mitigate cyber threats

  16. Russia Set to Ramp Up Attacks on Ukraine’s Allies This Winter

    Russian cyber campaigns aim to disrupt Western allies’ ability and motivation to support Ukraine’s war effort

  17. UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared

    A UK parliament report found that large swathes of critical national infrastructure are vulnerable to ransomware

  18. Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday

    Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw

  19. UK Ministry of Defence Fined For Afghan Data Breach

    The ICO has fined the Ministry of Defence after an email data breach put lives in danger

  20. Ukraine Claims it “Paralyzed” Russia’s Tax System

    Ukrainian Ministry of Defense says cyber-attack wiped Russian tax system servers

What’s Hot on Infosecurity Magazine?