Infosecurity News
Phishing Attack Impacts Over 92,000 Transak Users
A phishing attack targeting Transak employees led to a data breach, compromising the information of 92,554 users
Meta to Fight Celeb-Bait Scams with Facial Recognition
Meta is testing facial recognition technology to tackle celeb-bait ad scams and enable the recovery of compromised accounts
Think Tanks Urge Action to Curb Misuse of Spyware and Hack-for-Hire
RUSI and Chatham House recommended global standards to combat commercial cyber tool abuse
AI-Powered Attacks Flood Retail Websites
AI tools are being used to launch over half a million cyber-attacks daily on retailers, according to a new report
Severe Flaws Discovered in Major E2EE Cloud Storage Services
The cryptographic vulnerabilities were found in Sync, pCloud, Icedrive and Seafile by ETH Zurich
Stolen Access Tokens Lead to New Internet Archive Breach
A threat actor claimed to get hold of an exposed GitLab configuration file containing Zendesk API access tokens
50,000 Files Exposed in Nidec Ransomware Attack
The August ransomware attack stole 50,000+ documents from Nidec, leaked after ransom refusal
Netskope Reports Possible Bumblebee Loader Resurgence
The malware loader taken down by Europol in May 2024 could be back with a vengeance
Australia's Privacy Watchdog Publishes Guidance on Commercial AI Products
Businesses in Australia must update their privacy policies with clear and transparent information about their use of AI, said the regulator
Half of Organizations Have Unmanaged Long-Lived Cloud Credentials
Long-lived credentials in the cloud put organizations at high risk of breaches, a report from Datadog has found
Internet Archive and Wayback Machine Resurrect After DDoS Wave
Internet Archive founder confirmed the allegedly exposed data was “safe”
macOS Vulnerability Could Expose User Data, Microsoft Warns
Microsoft urges macOS users to apply a fix for the vulnerability, which it believes may be under active exploitation by the Adload malware family
Instagram Rolls Out New Sextortion Protection Measures
Instagram has announced new security features to protect users from sextortion scams, including hiding follower lists, preventing screenshots, and launching an awareness campaign
Microsoft Named Most Imitated Brand in Phishing Attacks
The Redmond-based firm was the most impersonated brand in the third quarter of 2024, while Alibaba entered the Top 10 for the first time
US Arrest Man for SEC X Account Hack
US authorities have charged a man for involvement in the SEC X account hack in January 2024, which falsely announced the approval of Bitcoin Exchange Traded Funds
Cicada3301 Ransomware Targets Critical Sectors in US and UK
Cicada3301 ransomware has targeted critical sectors in US/UK, leaking data from 30 firms in three months
US Charges Anonymous Sudan Members in DDoS Cybercrime Case
US authorities have charged two Sudanese linked to DDoS cybercrime group, Anonymous Sudan, which caused $10m in damages
Iranian Hackers Target Critical Infrastructure with Brute Force Attacks
The ongoing campaign targets multiple critical infrastructure sectors, including healthcare, government, information technology, engineering, and energy
North Korea Escalates Fake IT Worker Schemes to Extort Employers
Secureworks said it had observed a case where a fake North Korean IT contractor exfiltrated proprietary data before issuing a ransom demand to their former employer
RansomHub Overtakes LockBit as Most Prolific Ransomware Group
Symantec data reveals RansomHub claimed more attacks than any other group in Q3 2024