Infosecurity News
EU Commission Liable for Breaching EU’s Own Data Protection Rules
A court has ruled the EU Commission infringed an individual’s right to the protection of their personal data by transferring their details to the US
Government Launches £1.9m Initiative to Boost UK’s Cyber Resilience
The UK government has pledged nearly £2m to 30 new Cyber Local projects designed to enhance cyber resilience
Critical Ivanti Zero-Day Exploited in the Wild
Ivanti customers are urged to patch two new bugs in the security vendor's products, one of which is being actively exploited
Green Bay Packers Pro Shop Data Breach Compromises Customers
The Green Bay Packers disclosed on Monday that their official online store was breached and customer information stolen
US Launches Cyber Trust Mark for IoT Devices
The voluntary Cyber Trust Mark labeling program will allow consumers to assess the cybersecurity of IoT devices when making purchasing decisions
Scammers Exploit Microsoft 365 to Target PayPal Users
A new PayPal phishing scam used genuine money requests, bypassing security checks to deceive recipients
Casio Admits Security Failings as Attackers Leak Employee and Customer Data
Electronics firm Casio revealed that ransomware attackers have leaked the personal data of employees, customers and business partners
New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices
Fake Government Officials Use Remote Access Tools for Card Fraud
Group-IB has observed scammers impersonating government officials to trick disaffected consumers into divulging card details
New Research Highlights Vulnerabilities in MLOps Platforms
New research by Security Intelligence has revealed security risks in MLOps platforms including Azure ML, BigML and Google Vertex AI
Moxa Urges Immediate Updates for Security Vulnerabilities
Moxa has reported two critical vulnerabilities in its routers and network security appliances that could allow system compromise and arbitrary code execution
Phishing Click Rates Triple in 2024
Netskope observed a 190% growth in enterprise users clicking phishing links as attackers become more creative in delivering effective lures
UK Government to Ban Creation of Explicit Deepfakes
The UK government is cracking down on the generation of sexually explicit deepfakes in a bid to protect women and girls
CISA Claims Treasury Breach Did Not Impact Other Agencies
The US Cybersecurity and Infrastructure Security Agency claims a recent China-linked breach was confined to the Treasury
Supply Chain Attack Targets Key Ethereum Development Tools
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data
New PhishWP Plugin Enables Sophisticated Payment Page Scams
The PhishWP plugin enables scammers to create fake payment pages, stealing sensitive data via Telegram
Chinese Hackers Double Cyber-Attacks on Taiwan
Taiwan’s security service said government networks faced 2.4 million attacks in 2024, most of which are attributed to Chinese state actors
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame
Scammers Drain $500m from Crypto Wallets in a Year
Scam Sniffer claims that threat actors used wallet drainers to steal $494m from victims in 2024
US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks
The US government said that China based firm Integrity Technology Group provided infrastructure for Flax Typhoon to attack multiple US targets
