Infosecurity News

  1. New Chinese Hacking Campaign Targets Manufacturing Firms to Steal IP

    Chinese hackers are infiltrating the networks of suppliers of “sensitive” manufacturers, according to a Check Point report to be published in the coming weeks

  2. DDoS Attack Volume and Magnitude Continues to Soar

    Gcore reported a 56% year-over-year rise in DDoS attacks in H2 2024, highlighting a steep long-term growth tend for the attack technique

  3. Ransomware Gangs Increasingly Prioritize Speed and Volume in Attacks

    Ransomware groups are adopting agile techniques in a quantity-over-quality approach, according to a new report from Huntress

  4. 8Base Ransomware Site Seized, Phobos Suspects Arrested in Thailand

    Four Europeans were arrested in Phuket, believed to be members of the Phobos ransomware group

  5. Apple Mitigates “Extremely Sophisticated” Zero-Day Exploit

    Apple has patched a zero-day vulnerability being exploited in targeted attacks

  6. OpenAI Was Not Breached, Say Researchers

    Kela researchers explain that infostealers are to blame for compromised OpenAI logins

  7. BadIIS Malware Exploits IIS Servers for SEO Fraud

    Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects

  8. Georgia Hospital Alerts 120,000 Individuals of Data Breach

    Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November

  9. US: Man Gets 20 Years for $37m Crypto Heist

    A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies

  10. UK Military Fast-Tracks Cybersecurity Recruitment

    The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000

  11. Experts Dismayed at UK’s Apple Decryption Demands

    Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service

  12. Europol Warns Financial Sector of “Imminent” Quantum Threat

    Europol has urged the financial sector to prioritize quantum-safe cryptography

  13. Most UK GDPR Enforcement Actions Targeted Public Sector in 2024

    27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting

  14. Malicious AI Models on Hugging Face Exploit Novel Attack Technique

    The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models

  15. Third-Party Risk Management Failures Expose UK Finance Sector

    Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies

  16. Cybercriminals Weaponize Graphics Files in Phishing Attacks

    Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections

  17. Europol Cracks Down on Global Child Abuse Network “The Com”

    US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation

  18. WordPress ASE Plugin Vulnerability Threatens Site Security

    Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges

  19. New UK Cyber Monitoring Centre Introduces 'Richter Scale' for Cyber-Attacks

    This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events

  20. Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam

    A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer

Why Not Watch?

  1. Exposing AI’s Blind Spots: Security vs Safety in the Age of Gen AI

  2. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

  3. Mastering AI Security With ISACA’s New AAISM Certification

  4. Audit & Compliance in the Era of AI and Emerging Technology

What’s Hot on Infosecurity Magazine?