Infosecurity News
Health Tech Execs Get Jail Time For $1bn Fraud Scheme
The former CEO and COO of a health startup will spend years in jail after conducting a large-scale fraud scheme
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
Cisco has patched a zero-day vulnerability exploited by a Chinese APT group to compromise Nexus switches
Meta’s ‘Pay or Consent’ Data Model Breaches EU Law
The EU Commission said Meta’s pay or consent model means users cannot freely consent to their personal data being collected for advertising purposes
Critical OpenSSH Flaw Enables Full System Compromise
A newly discovered RCE vulnerability, which can lead to full system compromise, has put over 14 million OpenSSH server instances are potentially at risk, according to Qualys
Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting Airport Passengers
Evil twin Wi-Fi access points mimicked legitimate networks to capture personal data from unsuspecting victims who mistakenly connected to them
Cyber-Insurance Premiums Decline as Firms Build Resilience
Insurance broker Howden says premiums are falling as security best practice takes hold
Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems
Outsourcer Infosys McCamish Systems has revealed millions of victims were impacted by a ransomware attack last year
TeamViewer Cyber-Attack Attributed to Russian APT Midnight Blizzard
Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard
Cyber Workforce Grows 15% at Large Organizations as Security is Prioritized
From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone
Google Thwarts Over 10,000 Attempts by Chinese Influence Operator
Google warned of high levels of activity from Chinese influence operator Dragon Bridge, which is increasingly experimenting with generative AI tools to create content
CISOs Reveal Firms Prioritize Savings Over Long-Term Security
The data from Bugcrowd also reveals 40% of CISOs think most firms don't understand breach risks
Operation First Light Seizes $257m in Global Scam Bust
The operation, orchestrated by Interpol, resulted in the arrest of 3950 suspects
Majority of Critical Open Source Projects Contain Memory Unsafe Code
A CISA analysis in collaboration with international partners concluded most critical open source projects potentially contain memory safety vulnerabilities
US Charges Russian Individual for Pre-Invasion Ukraine Hack
The US government is offering up to $10m for information on Amin Timovich Stigal’s location or his malicious cyber activity
IT Leaders Split on Using GenAI For Cybersecurity
Corelight study claims many IT leaders see benefit of GenAI but similar share are concerned about data exposure
Chinese State Actors Use Ransomware to Conceal Real Intent
A new report warns that Chinese APT groups are using ransomware to conceal cyber-espionage activity
Progress Discloses Two New Vulnerabilities in MOVEit Products
Two authentication bypass vulnerabilities affect Progress Software’s MOVEit Transfer SFTP service in a default configuration and MOVEit Gateway
Novel Banking Malware Targets Customers in Southeast Asia
A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon
Cyber Attackers Turn to Cloud Services to Deploy Malware
A growing number of malware operators have turned to cloud-based command and control servers to deploy malicious campaigns, Fortinet researchers found
Identity Crime Reports Drop 16% Annually but Job Scams Surge
Identity-related crimes declined 16% annually in 2023 with the majority related to compromised credentials