Infosecurity News
Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks
Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware
Only a Fifth of Ransomware Attacks Now Encrypt Data
ReliaQuest claims 80% of ransomware attacks now focus solely on exfiltrating data as it is faster
Chinese Botnet Bypasses MFA in Microsoft 365 Attacks
SecurityScorecard revealed that the large-scale password spraying campaign can bypass MFA and security access policies by utilizing Non-interactive sign-ins
Quarter of Brits Report Deepfake Phone Scams
New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024
Essential Addons for Elementor XSS Vulnerability Discovered
Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts
Michigan Man Indicted for Dark Web Credential Fraud
Michigan man indicted for dark web credential fraud, purchased 2,500 logins from Genesis Market
Google Cloud Shields Data With Quantum-Resistant Digital Signatures
Google Cloud's Key Management Service now features quantum-safe digital signatures to strengthen data integrity and prepare for emerging quantum computing challenges
IT/OT Convergence Fuels Manufacturing Cyber Incidents
Telstra found that 75% of cyber incidents impacting manufacturing firms originated from the targeting of IT systems connected to OT environments
Experts Slam Government After “Disastrous” Apple Encryption Move
Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption
Bybit Offers $140m Bounty to Recover Funds After Mega Crypto-Heist
Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds
Salt Typhoon Exploited Cisco Devices With Custom Tool to Spy on US Telcos
Chinese threat actor Salt Typhoon used JumbledPath, a custom-built utility, to gain access to a remote Cisco device, said the network provider
DoD Contractor Pays $11.2M over False Cyber Certifications Claims
Health Net Federal Services has agreed to pay over $11m over alleged false cybersecurity reporting
BlackBasta Ransomware Chatlogs Leaked Online
BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak
Microsoft’s Quantum Chip Breakthrough Accelerates Threat to Encryption Protocols
Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption
Malicious Ads Target Freelance Developers via GitHub
Fake job ads target freelance developers, spreading malware via GitHub
West Coast Cybersecurity Salaries Outshine Rest of Country
A survey by IANS and Artico found significant regional variation in cybersecurity salary levels across North America
Mobile Phishing Attacks Surge with 16% of Incidents in US
Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report
Over 330 Million Credentials Compromised by Infostealers
Kela researchers 330 million compromised credentials to infostealer activity on over four million machines in 2024
Hackers Chain Exploits of Three Palo Alto Networks Firewall Flaws
Palo Alto Networks has observed exploit attempts chaining three vulnerabilities in its PAN-OS firewall appliances
CISA and FBI Warn of Global Threat from Ghost Ransomware
CISA and the FBI have released a joint advisory detailing the activity of China’s Ghost ransomware