Infosecurity News
APP Fraud Dominates as Scams Hit All-Time High
UK’s Financial Ombudsman warns fraud and scams hit a record high in Q2 2024
Civil Rights Groups Call For Spyware Controls
Civil society and journalists’ organizations in Europe ask the EU to take steps to regulate spyware technologies
Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers
Researchers say password reset attacks have grown fourfold in the last year and one in four password reset attempts are fraudulent
Active Ransomware Groups Surge by 56% in 2024
Searchlight Cyber observed a 56% rise in active ransomware groups in H1 2024, demonstrating the growing fragmentation of the ransomware landscape
Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant
A variant of the WikiLoader malware was observed being delivered via SEO poisoning and spoofing Palo Alto Networks’ GlobalProtect VPN software
Three Plead Guilty to Running MFA Bypass Site
Three British men are facing jail after pleading guilty to running an MFA bypass site dubbed “OTP Agency”
TfL Claims Cyber-Incident is Not Impacting Services
London’s transport body, TfL, is playing down the impact of a cybersecurity incident on its services
Irish Wildlife Park Warns Customers to Cancel Credit Cards Following Breach
Fota Wildlife Park in Co Cork has told visitors to its website to cancel credit and debit cards, following a cyber-attack
US Authorities Issue RansomHub Ransomware Alert
Agencies under the #Stopransomware banner publish details of RansomHub group’s tactics, indicators of compromise and essential mitigations
South Korea Police Investigates Telegram Over Deepfake Porn
The Asian country’s law enforcement suspects the instant messaging app of abetting deepfake sex crimes
Verkada Facing Penalty After Hackers Viewed Sensitive Video Footage
The US FTC has proposed a $2.95m fine for security camera firm Verkada for alleged security failings that allowed hackers to access customers' video footage
Cicada3301 Ransomware Group Emerges From the Ashes of ALPHV
Truesec claims new Cicada3301 ransomware-as-a-service group could have ties to ALPHV/BlackCat and Brutus
Scores of Organizations Hit By Novel Voldemort Malware
Proofpoint has uncovered a new cyber-espionage campaign deploying new malware dubbed “Voldemort”
Published Vulnerabilities Surge by 43%
Forescout highlighted a 43% increase in published vulnerabilities in H1 2024, with attackers targeting flaws in VPNs and network infrastructure for initial access
Russian Hackers Use Commercial Spyware Exploits to Target Victims
In a campaign targeting Mongolian government websites, Russian-backed APT29 leveraged exploits previously used by spyware vendors NSO Group and Intellexa
North Korean Hackers Launch New Wave of npm Package Attacks
North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions
BlackByte Adopts New Tactics, Targets ESXi Hypervisors
BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines
Unpatched CCTV Cameras Exploited to Spread Mirai Variant
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant
Surge in New Scams as Pig Butchering Dominates
Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts
Iranian Hackers Secretly Aid Ransomware Attacks on US
CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017