Infosecurity News
Thousands of US Congress Emails Exposed to Takeover
Some 3191 email addresses for congressional staff are available on the dark web
Critical Ivanti Authentication Bypass Bug Exploited in Wild
CISA adds critical Ivanti bug to its Known Exploited Vulnerabilities catalog
Threat Actors Shift to JavaScript-Based Phishing Attacks
Cybercriminals are increasingly prioritizing script-based phishing techniques over one based on traditional malicious documents
Cybersecurity Incident Affects Arkansas City Water Treatment Facility
Arkansas City’s water treatment facility faced a cyber incident on Sunday and has since switched to manual operations
New Octo2 Malware Variant Threatens Mobile Banking Security
Cybercriminals have been observed disguising Octo2 as legitimate apps like Google Chrome and NordVPN
14 Million Patients Impacted by US Healthcare Data Breaches in 2024
SonicWall found that data breaches caused by malware attacks on US healthcare organizations have affected 14 million people so far in 2024
#GartnerSEC: Zero Failure Tolerance, A Cybersecurity Myth Holding Back Organizations
Cybersecurity leaders should prioritize response and recovery over prevention to effectively navigate the ever-evolving threat landscape, according to Gartner analysts
US Mulls Ban on Russian, Chinese Parts in Connected Vehicles
The US Commerce Department wants to prohibit the sale or import of connected vehicles with Russian or Chinese-made hardware and software
Telegram Boss Agrees to Closer Police Cooperation
Pavel Durov says he will share details of “bad actors” and clean up Telegram’s search function
Europol: GenAI Offers “Treasure Trove of Possibilities”
A new Europol report argues that AI tools could revolutionize policing across the region
Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox
Kryptina, a free Ransomware-as-a-Service tool available on dark web forums, is now being used by Mallox ransomware affiliates
Vulnerabilities Found in Popular Houzez Theme and Plugin
The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users
Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure
An overall rise in cyber incidents coming from Russian-aligned adversaries in 2024 was accompanied by a decrease in high and critical-severity incidents
LinkedIn Pauses GenAI Training Following ICO Concerns
The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training
German Police Shutter 47 Criminal Crypto Exchanges
Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience
Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable
A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training
Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions
The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold
Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data
Infostealer malware and digital identity exposure behind rise in ransomware, researchers find
Western Agencies Warn Risk from Chinese-Controlled Botnet
Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group
