Infosecurity News

  1. PlushDaemon APT Targeted South Korean VPN Software

    PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign

  2. Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures

    Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA

  3. 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years

    New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years

  4. Ransomware Attacks Surge to Record High in December 2024

    NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded

  5. Major Cybersecurity Vendors' Credentials Found on Dark Web

    Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs

  6. Account Compromise and Phishing Top Healthcare Security Incidents

    Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year

  7. Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack

    Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack

  8. New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers

    Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally

  9. UK’s New Digital IDs Raise Security and Privacy Fears

    Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place

  10. Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks

    A CloudSEK report revealed Zendesk's platform can be exploited for phishing and investment scams

  11. GDPR Fines Total €1.2bn in 2024

    Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching €1.2bn

  12. Oracle To Address 320 Vulnerabilities in January Patch Update

    Critical flaws include those in Oracle Supply Chain products

  13. Russian Ransomware Groups Deploy Email Bombing and Teams Vishing

    Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware

  14. Most European Privacy Teams Are Understaffed and Underfunded

    ISACA research claims privacy budgets are set to decline further in 2025

  15. HPE Launches Investigation After Hacker Claims Data Breach

    HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale

  16. Indian APT Group DONOT Misuses App for Intelligence Gathering

    Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering

  17. Ukraine's State Registers Restored Following Cyber-Attack

    The December 2024 cyber-attack on the country’s state registers, was attributed to Russian military intelligence services

  18. US Sanctions Chinese Hackers for Treasury, Telecom Breaches

    The US has issued sanctions against an individual and a company involved in recent high-profile compromises of government officials by Chinese state-affiliated hackers

  19. Former CIA Analyst Pleads Guilty to Sharing Top Secret Files

    CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack

  20. Data on Half a Million Hotel Guests Exposed After Otelier Breach

    At least half a million accounts have been compromised after a breach at hotel management software firm Otelier

Why Not Watch?

  1. How Mid-Market Businesses Can Leverage Microsoft Security for Proactive Defenses

  2. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  3. Modernizing GRC: From Checkbox to Strategic Advantage

  4. Risk-Based IT Compliance: The Case for Business-Driven Cyber Risk Quantification

What’s Hot on Infosecurity Magazine?