Infosecurity News
Cyber-Attacks Hit Over a Third of English Schools
A survey by Ofqual found that 20% of English schools and colleges were unable to immediately recover after being hit by a cyber incident
PwC Urges Boards to Give CISOs a Seat at the Table
PwC claims fewer than 50% of businesses involve their CISOs in strategic planning on cyber
UK and US Warn of Growing Iranian Spear Phishing Threat
Security agencies from the UK and US are urging individuals with Middle East links to beware of Iranian spear phishing attacks
Governments Urge Improved Security and Resilience for Undersea Cables
The US, UK, EU and other global partners have called for a global approach to strengthening the security of global communications and data
Ireland's DPC Hits Meta with €91 Million Penalty for GDPR Violation
Ireland's Data Protection Commission fines Meta Platforms €91 million for mishandling user passwords and GDPR violations
US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime
The US has sanctioned Cryptex, PM2BTC and a Russian national for processing hundreds of millions of dollars derived from cybercrime
Man Arrested Over UK Railway Station Wi-Fi Hack
The suspect is an employee of Global Reach Technology, which provides some Wi-Fi services to Network Rail
Russian Hackers Target Ukrainian Servicemen via Messaging Apps
Russian cyber-attacks on Ukrainian servicemen underscore the escalating use of digital warfare tactics in the ongoing conflict
Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud
The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online
Over a Third of Employees Secretly Sharing Work Info with AI
A CybSafe survey found that 52% of workers have not yet received any training on safe AI use
Cybercriminals Hack UK Rail Network Wi-Fi
UK train stations, including London Euston and Manchester Piccadilly, faced a cyber-attack displaying Islamophobic messages
First Mobile Crypto Drainer Found on Google Play
Researchers discover mobile crypto drainer malware hidden in WalletConnect app garnering 10,000 downloads
NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines
The institute no longer requires regular password changes unless the authenticator has been compromised
Malicious Ads Hide Infostealer in League of Legends ‘Download’
Bitdefender is warning League of Legends fans not to fall for a phishing campaign designed to spread Lumma Stealer malware
82% of Phishing Sites Now Target Mobile Devices
82% of all phishing sites target mobile devices, with 76% using HTTPS to appear secure
US House Bill Addresses Growing Threat of Chinese Cyber Actors
House GOP unveiled a bill to combat Chinese cyber threats to US infrastructure, led by CISA and FBI
CrowdStrike Apologizes for IT Outage, Defends Microsoft Kernel Access
Adam Meyers, CrowdStrike VP for counter-adversary operations, appeared before a US congressional committee to answer questions about its July faulty software update
Thousands of US Congress Emails Exposed to Takeover
Some 3191 email addresses for congressional staff are available on the dark web
Critical Ivanti Authentication Bypass Bug Exploited in Wild
CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog
Threat Actors Shift to JavaScript-Based Phishing Attacks
Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents