Infosecurity News

  1. SaaS Breaches Skyrocket 300% as Traditional Defenses Fall Short

    Obsidian found that threat actors are focusing on SaaS applications to steal sensitive data, with most organizations' security measures not set up to deal with these attacks

  2. New Phishing Campaign Targets Mobile Devices with Malicious PDFs

    A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials

  3. CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks

    74% of CISOs plan to increase their cyber crisis simulation budgets in 2025

  4. Subaru Bug Enabled Remote Vehicle Tracking and Hijacking

    A now-patched vulnerability could have enabled threat actors to remotely control Subaru cars

  5. Change Healthcare Breach Almost Doubles in Size to 190 Million Victims

    Change Healthcare has claimed 190 million customers were affected by a mega-breach last year

  6. AWS Announces £5m Grant for Cyber Education in the UK

    Amazon Web Services has launched its Cyber Education Grant Program in the UK

  7. Russian Scammers Target Crypto Influencers with Infostealers

    Crazy Evil, a group of crypto scammers, exploit NFTs and cryptocurrencies with malware targeting influencers and tech professionals

  8. North Korean IT Workers Holding Data Hostage for Extortion, FBI Warns

    A new FBI advisory warned that North Korean IT worker schemes have escalated their activities in recent months to include data extortion

  9. Ransomware Gangs Linked by Shared Code and Ransom Notes

    SentinelOne researchers highlighted similarities in the approaches used by the HellCat and Morpheus ransomware groups, suggesting shared infrastructure

  10. Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances

    Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment

  11. Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud

    Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams

  12. CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

    Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ

  13. Cisco Fixes Critical Vulnerability in Meeting Management

    The network equipment giant urged customers to patch immediately

  14. New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing

    Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security

  15. Trump Pardons Silk Road Founder Ulbricht

    President Trump has pardoned the founder of original dark web marketplace Silk Road

  16. PlushDaemon APT Targeted South Korean VPN Software

    PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign

  17. Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures

    Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA

  18. 73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years

    New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years

  19. Ransomware Attacks Surge to Record High in December 2024

    NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded

  20. Major Cybersecurity Vendors' Credentials Found on Dark Web

    Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs

Why Not Watch?

  1. How Trusted Time Strengthens Network Security

  2. Why Resilience‑Focused Cloud Design Is Your Best Defense Against Modern Attacks

  3. Behind the Curtain of Microsoft 365 Cybersecurity: Lessons from Overlooked Resilience Gaps

  4. Financial Services Under Pressure: Supply Chain Risk, Regulation and Operational Resilience

What’s Hot on Infosecurity Magazine?