Infosecurity News
PlushDaemon APT Targeted South Korean VPN Software
PlushDaemon APT hacked South Korean VPN software with SlowStepper backdoor as part of a 2023 espionage campaign
Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures
Threat researchers analyzed the updated Tycoon 2FA phishing kit, which bypasses MFA
73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years
New ESET research reveals that 73% of UK educational institutions experienced at least one cyber-attack or breach in the past five years
Ransomware Attacks Surge to Record High in December 2024
NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded
Major Cybersecurity Vendors' Credentials Found on Dark Web
Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs
Account Compromise and Phishing Top Healthcare Security Incidents
Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year
Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack
Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack
New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers
Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally
UK’s New Digital IDs Raise Security and Privacy Fears
Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place
Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks
A CloudSEK report revealed Zendesk's platform can be exploited for phishing and investment scams
GDPR Fines Total €1.2bn in 2024
Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching €1.2bn
Oracle To Address 320 Vulnerabilities in January Patch Update
Critical flaws include those in Oracle Supply Chain products
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware
Most European Privacy Teams Are Understaffed and Underfunded
ISACA research claims privacy budgets are set to decline further in 2025
HPE Launches Investigation After Hacker Claims Data Breach
HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale
Indian APT Group DONOT Misuses App for Intelligence Gathering
Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering
Ukraine's State Registers Restored Following Cyber-Attack
The December 2024 cyber-attack on the country’s state registers, was attributed to Russian military intelligence services
US Sanctions Chinese Hackers for Treasury, Telecom Breaches
The US has issued sanctions against an individual and a company involved in recent high-profile compromises of government officials by Chinese state-affiliated hackers
Former CIA Analyst Pleads Guilty to Sharing Top Secret Files
CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack
Data on Half a Million Hotel Guests Exposed After Otelier Breach
At least half a million accounts have been compromised after a breach at hotel management software firm Otelier