Infosecurity News
Ofcom Lays Down the Law with Child Safety Rules for Tech Giants
Ofcom’s Protection of Children Codes and Guidance lists 40 new child safety measures for tech firms
Verizon's DBIR Reveals 34% Jump in Vulnerability Exploitation
After a 180% rise in last year’s report, the exploitation of vulnerabilities continues to grow, now accounting for 20% of all breaches
FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024
The FBI found that cybercrime losses climbed by 33% compared to 2023, driven by tactics like investment fraud and BEC
Vulnerability Exploitation and Credential Theft Now Top Initial Access Vectors
Mandiant’s M-Trends report found that credential theft rose significantly in 2024, driven by the growing use of infostealers
US Data Breach Victim Count Surges 26% Annually
The latest ITRC data finds breach volumes remained flat in Q1 but victim numbers increased 26% annually
M&S Grapples with Cyber Incident Affecting In-Store Services
Marks and Spencer has confirmed that it has been managing a cyber incident for the past few days which affected its contactless payments and click and collect services
Dutch Warn of “Whole of Society” Russian Cyber-Threat
Dutch intelligence report warns of growing Russian aggression with hybrid warfare
UK Romance Scams Spike 20% as Online Dating Grows
Barclays found that romance scam victims lost £8000 on average in 2024, a significant increase from the previous year
Microsoft Reports 92% Adoption Rate for Phishing-Resistant MFA Among Corporate Users
The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity
SuperCard X Enables Contactless ATM Fraud in Real-Time
A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs
Billbug Espionage Group Deploys New Tools in Southeast Asia
Billbug, a China-linked espionage group, has been observed targeting critical sectors in Southeast Asia with new tools
New Cryptojacking Malware Targets Docker with Novel Mining Technique
Darktrace and Cado said the new campaign highlights a shift towards alternative methods of mining cryptocurrencies
Scalllywag Ad Fraud Network Generates 1.4 Billion Bid Requests Daily
Security firm Human lifts the lid on prolific new ad fraud scheme dubbed “scallywag”
$40bn Southeast Asian Scam Sector Growing “Like a Cancer”
The UN has warned that Southeast Asian fraud groups are expanding their operations
Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure
Russian state actor Midnight Blizzard is using fake wine tasting events as a lure to spread malware for espionage purposes, according to Check Point
NTLM Hash Exploit Targets Poland and Romania Days After Patch
An NTLM hash disclosure spoofing vulnerability that leaks hashes with minimal user interaction has been observed being exploited in the wild
Senators Urge Cyber-Threat Sharing Law Extension Before Deadline
Bipartisan support grows in Congress to extend Cybersecurity Information Sharing Act for 10 years
Identity Attacks Now Comprise a Third of Intrusions
IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse
Microsoft Thwarts $4bn in Fraud Attempts
Microsoft has blocked fraud worth $4bn as threat actors ramp up AI use
CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension
MITRE will be able to keep running the CVE program for at least the next 11 months
