Infosecurity News

  1. New Bootkit “Bootkitty” Targets Linux Systems via UEFI

    Bootkitty, the first Linux-targeting UEFI bootkit, bypassed kernel security in a proof-of-concept attack

  2. New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days

    One of the priorities of the newly-approved Von der Leyen Commission II will be to strengthen the healthcare sector’s cyber resilience

  3. Pro-Russian Hacktivists Launch Branded Ransomware Operations

    A pro-Russian hacktivist collective, CyberVolk, has launched its own ransomware-as-a-service operations, SentinelLabs has found

  4. Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows

    Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks

  5. Nuclear Decommissioning Authority Opens Sellafield Cyber Center

    The UK’s Nuclear Decommissioning Authority has opened a new hub dedicated to cybersecurity knowledge sharing

  6. Operation Serengeti Disrupts $193m African Cybercrime Networks

    The Interpol-led Operation Serengeti has resulted in the arrest of 1000 suspects across Africa

  7. New DDoS Campaign Exploits IoT Devices and Server Misconfigurations

    DDoS campaign by Matrix targets IoT devices and servers, exploiting weak credentials and public scripts

  8. NHS Trust Declares Major Incident for “Cybersecurity Reasons”

    Wirral University Teaching Hospital has cancelled outpatient appointments as it responds to a cybersecurity incident

  9. Darknet Services Fuel Holiday Scams and E-Commerce Exploits

    Cybercriminals are ramping up scams via darknet marketplaces, selling phishing kits for $100-$1000

  10. Aggressive Chinese APT Group Targets Governments with New Backdoors

    A Trend Micro analysis of Earth Estries found that the Chinese threat actor is using new backdoors to avoid detection during espionage operations

  11. Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder

    Supply chain management provider Blue Yonder confirmed it was hit by ransomware attack

  12. Over a Third of Firms Struggling With Shadow AI

    Some 35% of global organizations report challenges monitoring use of non-approved AI tools

  13. UK Scam Losses Surge 50% Annually to £11.4bn

    Cifas figures reveal scammers stole over £11bn from UK consumers in the past 12 months

  14. New York Secures $11.3m from Insurance Firms in Data Breach Settlement

    New York State has agreed a $11.3m settlement from two insurance firms following the breach of the personal data of over 120,000 drivers in the state

  15. IoT Device Traffic Up 18% as Malware Attacks Surge 400%

    Zscaler’s latest report finds 54.5% of IoT attacks target manufacturing, with the industry suffering more than three times the weekly attacks of other sectors

  16. npm Package Lottie-Player Compromised in Supply Chain Attack

    npm package @lottiefiles/lottie-player hacked with malicious code, draining crypto wallets via web3 pop-ups

  17. Google Deindexes Chinese Propaganda Network

    Google’s threat intelligence team uncovered four Chinese PR firms operating networks of inauthentic news sites

  18. UK Launches AI Security Lab to Combat Russian Cyber Threats

    UK Minister Pat McFadden will say in a speech at a NATO conference that adversaries are looking at using AI on the physical and cyber battlefield

  19. Meta Shutters Two Million Scam Accounts in Two-Year Crackdown

    Meta has closed down two million accounts it says were used in scams such as pig butchering

  20. ICO Urges More Data Sharing to Tackle Fraud Epidemic

    The UK’s Information Commissioner’s Office argues that regulatory concerns shouldn’t prevent firms sharing data to stop scams

What’s hot on Infosecurity Magazine?