Infosecurity News

  1. Majority of UK SMEs Lack Cybersecurity Policy

    Insurance firm Markel Direct found that 69% of UK SMEs lack a cybersecurity policy, with a significant lack of basic cybersecurity measures in place across these firms

  2. CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

    The US Cybersecurity and Infrastructure Security Agency’s 2024 Year in Review marks Jen Easterly’s final report before resignation

  3. Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%

    The vacuum left by RedLine’s takedown will likely lead to a bump in the activity of other a infostealers

  4. US and Japan Blame North Korea for $308m Crypto Heist

    A joint US-Japan alert attributed North Korean hackers with a May 2024 crypto heist worth $308m from Japan-based company DMM

  5. Spyware Maker NSO Group Liable for WhatsApp User Hacks

    A US judge has ruled in favor of WhatsApp in a long-running case against commercial spyware-maker NSO Group

  6. Major Biometric Data Farming Operation Uncovered

    Researchers at iProov have discovered a dark web group compiling identity documents and biometric data to bypass KYC checks

  7. Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

    US healthcare giant Ascension revealed that 5.6 million individuals have had their personal, medical and financial information breached in a ransomware attack

  8. Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

    The vulnerabilities, now patched, posed significant risks, including unauthorized file uploads, privilege escalation and SQL injection attacks

  9. Cryptomining Malware Found in Popular Open Source Packages

    Cryptomining malware hits popular npm packages rspack and vant, posing risks to open source tools

  10. Interpol Identifies Over 140 Human Traffickers in New Initiative

    A new digital operation has enabled Interpol to identify scores of human traffickers operating between South America and Europe

  11. ICO Warns of Mobile Phone Festive Privacy Snafu

    The Information Commissioner’s Office has warned that millions of Brits don’t know how to erase personal data from their old devices

  12. Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

    OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI training

  13. Ukraine's Security Service Probes GRU-Linked Cyber-Attack on State Registers

    The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine

  14. LockBit Admins Tease a New Ransomware Version

    The LockBitSupp persona said LockBit 4.0 will be launched in February 2025

  15. Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

    The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks

  16. CISA Urges Encrypted Messaging After Salt Typhoon Hack

    The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging

  17. Ransomware Attackers Target Industries with Low Downtime Tolerance

    A Dragos report observed 23 new ransomware groups targeting industrial organizations in Q3 2024

  18. US Organizations Still Using Kaspersky Products Despite Ban

    Bitsight found that 40% of US organizations who used Kaspersky products before the government ban came into effect still appear to be using them

  19. EU Opens Door for AI Training Using Personal Data

    The EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models

  20. New Malware Can Kill Engineering Processes in ICS Environments

    Forescout identified a new type of malware capable of terminating engineering processes, used to target Siemens engineering workstations

What’s hot on Infosecurity Magazine?