Infosecurity News

  1. All Major European Financial Firms Suffer Supplier Breaches

    SecurityScorecard claims 100% of Europe’s top financial services companies have suffered a supply chain breach in the past year

  2. CISA and EPA Warn of Cyber Risks to Water System Interfaces

    CISA and EPA have published guidance for operators of water and wastewater systems to protect against cyber-attacks

  3. Deloitte Alerts Rhode Island to Significant Data Breach in RIBridges System

    Rhode Island's RIBridges system has suffered a major data breach, potentially exposing personal information, with Deloitte confirming the presence of malicious software

  4. Fake Captcha Campaign Highlights Risks of Malvertising Networks

    Large-scale campaign identified by Guardio Lans and Infoblox, exploiting malvertising and fake captchas to distribute Lumma infostealer for massive theft

  5. Amnesty Accuses Serbia of Tracking Journalists and Activists with Spyware

    The Serbian authorities have been using advanced mobile forensics products made by Israeli firm Cellebrite to extract data from mobile devices illegally

  6. Ofcom Issues Guidance for Tech Firms to Tackle Online Harms

    New Ofcom guidance is designed to help tech companies comply with their obligations around tackling illegal online harms under the Online Safety Act

  7. YouTube Creators Targeted in Global Phishing Campaign

    Over 200,000 YouTube creators have been targeted by malware-laden phishing emails with the aim of infecting their followers

  8. Russia Recruits Ukrainian Kids for Sabotage and Reconnaissance

    Ukrainian officials say Russian intelligence is using video games to trick children into helping the enemy

  9. US Uncovers North Korean IT Worker Fraud, Offers $5M Bounty

    The US Government is offering a $5 million reward for information leading to the disruption of financial mechanisms supporting North Korea following a six-year conspiracy

  10. 2024 Sees Sharp Increase in Microsoft Tool Exploits

    Sophos found observed a significant rise in Microsoft LOLbins abused by attackers in H1 2024 compared to 2023

  11. Akira and RansomHub Surge as Ransomware Claims Reach All-Time High

    Claims on ransomware groups’ data leak sites reached an all-time high in November, with 632 reported victims, according to Corvus Insurance

  12. Researchers Discover Malware Used by Nation-Sates to Attack Industrial Systems

    IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty

  13. ISC2 Survey Reveals Critical Gaps in Cybersecurity Leadership Skills

    ISC2 research has found that cybersecurity leaders have limited skills and training in areas like communication, strategic mindset and business acumen

  14. UK Shoppers Frustrated as Bots Snap Up Popular Christmas Gifts

    Almost three quarters of UK consumers believe bad bots are ruining Christmas by buying up popular gifts, forcing many to purchase expensive alternatives, according to Imperva research

  15. Security Flaws in WordPress Woffice Theme Prompts Urgent Update

    Two Woffice theme vulnerabilities have been identified that allow attackers to gain unauthorized access and control of unpatched websites

  16. Remcos RAT Malware Evolves with New Techniques

    Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage

  17. Lookout Discovers New Spyware Deployed by Russia and China

    Russian-made spyware BoneSpy and PlainGnome target former Soviet states, while public security bureaus in mainland China use Chinese surveillance tool EagleMsgSpy

  18. Insurance Worker Sentenced After Illegally Accessing Claimants’ Data

    An insurance employee has been handed a suspended sentence after illegally accessing personal information

  19. Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge

    HP Wolf reveals that 79% of IT security decision makers are lacking in crucial hardware and firmware expertise

  20. Secret Blizzard Targets Ukrainian Military with Custom Malware

    Microsoft detailed how Russian espionage group Secret Blizzard is leveraging infrastructure of other threat actors to target the Ukrainian military with custom malware

Why Not Watch?

  1. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  2. How To Enhance Security Operations with AI-Powered Defenses

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Mastering AI Security With ISACA’s New AAISM Certification

What’s Hot on Infosecurity Magazine?