Infosecurity News

  1. US Sanctions Chinese Firm at Center of Global Firewall Hack

    The US government has sanctioned Sichuan Silence and one of its employees for the mass compromise of firewalls which led to the deployment of malware and ransomware

  2. Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day

    Microsoft has patched dozens of vulnerabilities in December, including one zero-day being exploited in the wild

  3. Zero Day in Cleo File Transfer Software Exploited En Masse

    A zero-day vulnerability in Cleo file transfer software is being exploited in data theft attacks

  4. Snowflake Pledges to Make MFA Mandatory

    The multi-cloud data warehousing platform said it will completely phase out single factor authentication with passwords by November 2025

  5. Hackers Exploit Misconfigurations in Public Websites With Improperly Exposed AWS Credentials

    Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code

  6. Utility Companies Face 42% Surge in Ransomware Attacks

    The utilities sector saw a 42% surge in ransomware incidents over the past year, with groups like Play focusing on targets with IT and OT systems

  7. New AppLite Malware Targets Banking Apps in Phishing Campaign

    New AppLite Banker malware targets Android devices, employing advanced phishing techniques to steal credentials and data

  8. Scottish Parliament TV at Risk of Deepfake Attacks

    Researchers found that the broad accessibility of streams of Scottish Parliamentary proceedings make them highly susceptible to deepfake attacks

  9. Court Ruling Provides Clarity on Appeals Against ICO Fines

    The UK’s privacy regulator the Information Commissioner’s Office has welcomed a Court of Appeal ruling

  10. Heart Device Maker Artivion Suffers Ransomware Breach

    Artivion has revealed in an SEC filing that it suffered a double-extortion ransomware attack

  11. Major Drop in Cyber-Attack Reports from Large UK Financial Businesses

    A Hack The Box Freedom of Information request has shown a significant drop in cyber-attacks reported to the Financial Conduct Authority (FCA) in 2024

  12. Federal Appeals Court Upholds Law Threatening US TikTok Ban

    Appeals court upheld law forcing TikTok divestiture, citing national security risks over China ties

  13. Compromised AI Library Delivers Cryptocurrency Miner via PyPI

    The compromised ultralytics AI library delivered XMRig miner via GitHub Actions exploit

  14. Public Reprimands, an Effective Deterrent Against Data Breaches

    The UK's ICO has published its findings following a two-year trial of its Public Sector Approach, which aimed to improve data protection compliance and deter data breaches

  15. Unmasking Termite, the Ransomware Gang Claiming the Blue Yonder Attack

    This new ransomware group is likely a new variant of Babuk, said Cyble threat intelligence analysts

  16. Anna Jacques Hospital Ransomware Breach Hits 316K Patients

    Massachusetts’ Anna Jacques Hospital notifies over 316,000 patients of a data breach a year ago

  17. Phishing Scam Targets Ukrainian Defense Companies

    CERT-UA has issued a warning about phishing emails targeting Ukrainian defense companies and security forces

  18. European Police Disrupt Phone Phishing Gang with Arrests

    Dutch and Belgian police have arrested eight in connection with a long-running phone phishing operation

  19. FCC Proposes Stricter Cybersecurity Rules for US Telecoms

    The Salt Typhoon hack against US telecommunications firms has prompted the FCC to suggest stricter security rules to protect the sector from future cyber threats

  20. Romania Exposes TikTok Propaganda Campaign Supporting Pro-Russian Candidate

    Cǎlin Georgescu went from polling around 1% a month before the Romanian presidential election to winning the first round

Why not watch?

  1. Navigating Exposures in Energy ICS Environments

  2. Identifying Concentration Risk and Securing the Supply Chain

  3. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  4. Alert Fatigue: What Are You and Your Security Teams Missing?

What’s hot on Infosecurity Magazine?