Infosecurity News

  1. Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe

    OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI training

  2. Ukraine's Security Service Probes GRU-Linked Cyber-Attack on State Registers

    The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine

  3. LockBit Admins Tease a New Ransomware Version

    The LockBitSupp persona said LockBit 4.0 will be launched in February 2025

  4. Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns

    The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks

  5. CISA Urges Encrypted Messaging After Salt Typhoon Hack

    The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging

  6. Ransomware Attackers Target Industries with Low Downtime Tolerance

    A Dragos report observed 23 new ransomware groups targeting industrial organizations in Q3 2024

  7. US Organizations Still Using Kaspersky Products Despite Ban

    Bitsight found that 40% of US organizations who used Kaspersky products before the government ban came into effect still appear to be using them

  8. EU Opens Door for AI Training Using Personal Data

    The EU Data Protection Board (EDPB) published a long-awaited opinion on how GDPR should apply to AI models

  9. New Malware Can Kill Engineering Processes in ICS Environments

    Forescout identified a new type of malware capable of terminating engineering processes, used to target Siemens engineering workstations

  10. Crypto-Hackers Steal $2.2bn as North Koreans Dominate

    Mainly North Korean hackers stole over $2bn from crypto platforms in 2024, says Chainalysis

  11. Recorded Future CEO Calls Russia’s “Undesirable” Listing a “Compliment”

    Cybersecurity firm Recorded Future has been listed as an “undesirable” organization by the Prosecutor General's Office of the Russian Federation

  12. Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack

    A Morphisec researcher showed how an attacker could manipulate FIRST’s Exploit Prediction Scoring System (EPSS) using AI

  13. Interpol Calls for an End to “Pig Butchering” Terminology

    Interpol wants to change the term “pig butchering” to “romance baiting”

  14. US Government Issues Cloud Security Requirements for Federal Agencies

    A CISA Directive sets out actions all US federal agencies must take to identify and secure cloud tenants in their environments

  15. Phishing Attacks Double in 2024

    SlashNext reports a 202% increase in overall phishing messages and a 703% surge in credential-based phishing attacks in 2024

  16. New Attacks Exploit VSCode Extensions and npm Packages

    Malicious campaigns targeting VSCode extensions have recently expanding to npm, risking software supply chains

  17. Attacker Distributes DarkGate Using MS Teams Vishing Technique

    Trend Micro highlighted a case where an attacker posed as a client on an MS Teams call to distribute DarkGate malware

  18. Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance Scams

    The suspects were apprehended in a surprise operation at their hideout in Lagos following intelligence received by Nigeria's Economic and Financial Crimes Commission

  19. Meta Hit with Massive $263m GDPR Fine

    The Irish Data Protection Commission has fined Meta $263m for a 2018 data breach impacting 29 million Facebook accounts

  20. European Commission Opens TikTok Election Integrity Probe

    The European Commission is investigating whether TikTok allowed foreign actors to influence voters during recent Romanian elections

What’s hot on Infosecurity Magazine?