Infosecurity News
France Accuses Azerbaijan of Online Manipulation Campaigns
VIGINUM reveals that Azerbaijan state propaganda is seeking to challenge French sovereignty in French overseas territories
Corrupted Word Files Fuel Sophisticated Phishing Campaign
A new phishing attack uses corrupted Word docs to bypass security, luring victims with fake payroll and HR emails
Crypto.com Launches Massive $2m Bug Bounty Program
Crypto.com has launched a massive $2m bug bounty program on HackerOne, the largest ever offered on the platform, to enhance platform security
SmokeLoader Malware Campaign Targets Companies in Taiwan
SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities
Russia Arrests Prominent Ransomware Operator
Mikhail Matveev, aka WazaWaka, had worked with several ransomware groups, including Babuk, Conti, Darkside, Hive and LockBit
Bologna FC Hit By 200GB Data Theft and Ransom Demand
Bologna FC has revealed a ransomware attack, with data on players, fans and employees thought to have been stolen
Global Police Arrest 5500 in $400m Cyber-Fraud Crackdown
Interpol’s Operation Haechi V has led to the arrest of over 5500 individuals and seizure of $400m obtained via online fraud
INC Ransom Claims Cyber-Attack on UK Children's Hospital
The NHS Trust is investigating the incident with the help of the National Crime Agency
Cyber-Attacks Could Impact Romanian Presidential Race, Officials Claim
Romania’s national security council suggested that Russia is behind these attacks, amid a court order for a recount of votes in the first round of the country’s presidential election
UK Justice System Failing Cybercrime Victims, Cyber Helpline Finds
A report from the charity the Cyber Helpline found that 98% of cyber enabled crimes result in no further action from the police or justice system
Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code
A malicious PyPI package “aiocpa,” that stole crypto wallet data via obfuscated code, has been removed after being reported by Reversing Labs researchers
GodLoader Malware Infects Thousands via Game Development Tools
A new cyber-attack technique uses Godot Engine to deploy undetectable malware via GodLoader, infecting more than 17,000 devices
Malicious Actors Exploit ProjectSend Critical Vulnerability
This vulnerability was patched in May 2024 but was only allocated a CVE in November after evidence of exploitation
Critical Vulnerabilities Discovered in Industrial Wireless Access Point
Customers of Advantech’s EKI-6333AC-2G industrial-grade wireless access point have been urged to update their devices to new firmware versions
Albanian Drug Smugglers Busted After Cops Decrypt Comms
European police have arrested 21 individuals linked to a violent Albanian gang after decrypting their Sky ECC communications
T-Mobile Claims Salt Typhoon Did Not Access Customer Data
The CSO of T-Mobile has clarified that no customer information was stolen by Chinese hacking group Salt Typhoon
Attack Group APT-C-60 Targets Japan Using Trusted Platforms
APT-C-60 targets Japan with phishing emails, using job application ruse and malware via Google Drive
New Bootkit “Bootkitty” Targets Linux Systems via UEFI
Bootkitty, the first Linux-targeting UEFI bootkit, bypassed kernel security in a proof-of-concept attack
New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days
One of the priorities of the newly-approved Von der Leyen Commission II will be to strengthen the healthcare sector’s cyber resilience
Pro-Russian Hacktivists Launch Branded Ransomware Operations
A pro-Russian hacktivist collective, CyberVolk, has launched its own ransomware-as-a-service operations, SentinelLabs has found
