Infosecurity News
Ransomware Payments Decline 35% as Victims Resist Demands
Chainalysis found that ransomware payments fell significantly year-over-year despite a recorded increase in the number of ransomware events in 2024
Mobile Malware Targeting Indian Banks Exposes 50,000 Users
Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing
Five Eyes Launch Guidance to Improve Edge Device Security
The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders
Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development
Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers
Destructive Attacks on Financial Institutions Surge
Contrast Security reveals a 12.5% annual increase in destructive cyber-attacks on banks
DaggerFly-Linked Linux Malware Targets Network Appliances
DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks
Threefold Increase in Malware Targeting Credential Stores
Picus Security reports infostealer surge after revealing credentials appear in 29% of malware
Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA
A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations
Surge in Infostealer Attacks Threatens EMEA Organizations' Data Security
Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets
Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks
Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals
Casio and Others Hit by Magento Web Skimmer Campaign
Jscambler claims at least 17 sites have been infected with web skimmers, including Casio’s
CISA Warns of Backdoor Vulnerability in Contec Patient Monitors
CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions
High-profile X Accounts Targeted in Phishing Campaign
Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes
768 CVEs Exploited in the Wild in 2024
VulnCheck observed 768 public reports of CVEs exploited in the wild for the first time in 2024, a 20% rise compared to 2023
European Police: Data Volumes and Deletion Hindering Investigations
A new Europol report warns of major challenges accessing and analyzing data for cybercrime investigations
UK Announces “World-First” AI Security Standard
The UK government has launched a new AI security code of practice it believes will become an ETSI standard
Threat Actors Target Public-Facing Apps for Initial Access
Cisco Talos found that exploitation of public-facing applications made up 40% of incidents it observed in Q4 2024, marking a notable shift in initial access techniques
Tata Technologies Hit by Ransomware Attack
The Indian tech giant temporarily suspended some of its IT services, which have now been restored
DeepSeek's Flagship AI Model Under Fire for Security Vulnerabilities
Cyber reports exposed major security flaws in DeepSeek’s R1 LLM
International Operation Dismantles Cracked and Nulled Cybercrime Hubs
A global law enforcement operation has taken down infrastructure used by Cracked.io and Nulled.io, which provide cybercriminal tools and services
