Infosecurity News
Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses
The amount of crypto stolen in the Web3 ecosystem rose by 31.6% compared to 2023, with phishing the most costly attack vector
Apple Agrees $95M Settlement Over Siri Privacy Violations
Apple has agreed to a $95m settlement in a class action lawsuit alleging Siri privacy violations, with eligible users receiving up to $20 per Siri-enabled device
US Confirms Russian GenAI Disinformation Op Targeted Election
The US government has sanctioned Russian state-affiliated entity CGE, which used a vast GenAI infrastructure to spread disinformation during the US Presidential election
Global Campaign Targets PlugX Malware with Innovative Portal
Sekoia’s innovative PlugX malware disinfection campaign removed active threats across ten countries
New DoubleClickjacking Attack Bypasses Protections
DoubleClickjacking bypasses X-Frame-Options and SameSite cookies in double-click sequences, exposing UI authentication flaws
HIPAA Rules Update Proposed to Combat Healthcare Data Breaches
The US government has set out proposals to increase security obligations on healthcare providers to protect patient data amid surging cyber-attacks in the sector
Hackers Leak Rhode Island Citizens' Data on Dark Web
The State of Rhode Island has confirmed that cybercriminals have begun publishing data stolen from its social services portal, the RIBridges system
Dozens of Chrome Browser Extensions Hijacked by Data Thieves
Over 2.5 million end users are at risk as researchers discover 36 compromised Chrome extensions
US Treasury Computers Accessed by China in Supply Chain Attack
Chinese hackers appear to have compromised Treasury machines via a trusted third party
Majority of UK SMEs Lack Cybersecurity Policy
Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms
CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration
The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
The vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other a infostealers
US and Japan Blame North Korea for $308m Crypto Heist
A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM
Spyware Maker NSO Group Liable for WhatsApp User Hacks
A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group
Major Biometric Data Farming Operation Uncovered
Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks
Ransomware Attack Exposes Data of 5.6 Million Ascension Patients
US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a ransomware attack
Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP
The vulnerabilities, now patched, posed significant risks, including unauthorized file uploads, privilege escalation and SQL injection attacks
Cryptomining Malware Found in Popular Open Source Packages
Cryptomining malware hits popular npm packages rspack and vant, posing risks to open source tools
Interpol Identifies Over 140 Human Traffickers in New Initiative
A new digital operation has enabled Interpol to identify scores of human traffickers operating between South America and Europe
ICO Warns of Mobile Phone Festive Privacy Snafu
The Information Commissioner’s Office has warned that millions of Brits don’t know how to erase personal data from their old devices
