Infosecurity News

  1. Five Eyes Launch Guidance to Improve Edge Device Security

    The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders

  2. Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development

    Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers

  3. Destructive Attacks on Financial Institutions Surge

    Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks

  4. DaggerFly-Linked Linux Malware Targets Network Appliances

    DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks

  5. Threefold Increase in Malware Targeting Credential Stores

    Picus Security reports infostealer surge after revealing credentials appear in 29% of malware

  6. Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA

    A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations

  7. Surge in Infostealer Attacks Threatens EMEA Organizations' Data Security

    Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets

  8. Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks

    Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals

  9. Casio and Others Hit by Magento Web Skimmer Campaign

    Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s

  10. CISA Warns of Backdoor Vulnerability in Contec Patient Monitors

    CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions

  11. High-profile X Accounts Targeted in Phishing Campaign

    Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes

  12. 768 CVEs Exploited in the Wild in 2024

    VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023

  13. European Police: Data Volumes and Deletion Hindering Investigations

    A new Europol report warns of major challenges accessing and analyzing data for cybercrime investigations

  14. UK Announces “World-First” AI Security Standard

    The UK government has launched a new AI security code of practice it believes will become an ETSI standard

  15. Threat Actors Target Public-Facing Apps for Initial Access

    Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques

  16. Tata Technologies Hit by Ransomware Attack

    The Indian tech giant temporarily suspended some of its IT services, which have now been restored

  17. DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities

    Cyber reports exposed major security flaws in DeepSeek’s R1 LLM

  18. International Operation Dismantles Cracked and Nulled Cybercrime Hubs

    A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services

  19. Google Blocked 2.36 Million Policy-Violating Apps

    Google Play blocked 2.36 million policy-violating apps and banned 158,000 harmful developer accounts in 2024

  20. Attackers Increase Use of HTTP Clients for Account Takeovers

    HTTP client tools used to compromise Microsoft 365 environments with 78% of tenants targeted in 2024

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. How to Harness Advanced Intelligence Capabilities to Strengthen Cyber Defence

  3. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  4. How Trusted Time Strengthens Network Security

What’s Hot on Infosecurity Magazine?