Infosecurity News
M&S Confirms Customer Data Stolen in Cyber-Attack
M&S Chief Executive, Stuart Machin, said that the firm has written to customers to inform them that some personal information was accessed by threat actors
UK Considers New Enterprise IoT Security Law
The UK government wants to hear feedback on a possible new standard or legislation to improve enterprise IoT security
Hacktivist Attacks on India Overstated Amid APT36 Espionage Threat
Hacktivist claims on Indian infrastructure raised alarms, but investigations showed minimal damage
Criminal Proxy Network Infects Thousands of IoT Devices
The criminal proxy network infected thousands of IoT and end-of-life devices, creating dangerous botnet
#Infosec2025: Experts to Shine Light on Vendor Supply Chain Resilience Against Third-Party Risks
During Infosecurity Europe 2025 experts will explore how to strengthen organizational resilience against persistent third-party risks
EU Launches Free Entry-Level Cyber Training Program
She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry
FreeDrain Phishing Scam Drains Crypto Hobbyists' Wallets
A global cryptocurrency phishing operation likely based in India or Sri Lanka has been stealing digital assets since at least 2022
Japanese Account Hijackers Make $2bn+ of Illegal Trades
Hackers have compromised Japanese trading accounts in an apparent attempt to manipulate the stock market
German Police Shutter “eXch” Money Laundering Service
Germany’s BKA has seized the infrastructure behind the crypto swapping service eXch
Google Deploys On-Device AI to Thwart Scams on Chrome and Android
The tech giant plans to leverage its Gemini Nano LLM on-device to enhance scam detection on Chrome
UN Launches New Cyber-Attack Assessment Framework
The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter
FBI Sounds Alarm on Rogue Cybercrime Services Targeting Obsolete Routers
The FBI has detected indicators of malware targeting end-of-life routers associated with Anyproxy and 5Socks proxy services
PowerSchool Admits Ransom Payment Amid Fresh Extortion Demands
PowerSchool said its customers had been hit by new extortion demands using data stolen in a previous attack, despite attacker claims the data had been deleted
US Federal Agencies Alert on “Unsophisticated” OT Cyber-Threats
Cyber incidents targeting OT in US critical infrastructure have prompted renewed federal action
Russian Group Launches LOSTKEYS Malware in Attacks
New LOSTKEYS malware has been identified and linked to COLDRIVER by GTIG, stealing files and system data in targeted attacks
LockBit Ransomware Hacked, Insider Secrets Exposed
The data dump will likely shed light on LockBit’s recent activity and help law enforcement trace cryptocurrency transactions
Just 5% of Enterprises Have Deployed Quantum-Safe Encryption
DigiCert survey finds only 5% of global businesses are using post-quantum cryptography
UK Cyber Essentials Certification Numbers Falling Short
The UK government is set to prioritize increasing the number of UK organizations who are Cyber Essentials certified over the coming year
UK Launches New Cybersecurity Assessment Initiatives to Drive Secure by Design
The UK government unveiled two new assessment schemes to boost confidence in the security of products and services during CYBERUK
Confusion Reigns as Threat Actors Exploit Samsung MagicInfo Flaw
Researchers spot in-the-wild exploits of Samsung MagicInfo despite recent patch
