At Infosecurity Magazine myself and the team of top cybersecurity journalists are dedicated to bringing you the latest news, research, data breaches and policy announcements affecting the sector.
From urgent patch notices to new advice on password from NIST, we are dedicated to bringing you up-to-date information to help you be at the top of your cybersecurity game.
As 2024 draws to a close, Infosecurity has compiled the top 10 most read cybersecurity news article by our own readership base.
CISA Urges Critical Infrastructure to Patch Urgent ICS Vulnerabilities
CISA warned critical infrastructure organizations about vulnerabilities in nine ICS products, urging immediate action to mitigate potential risks in sectors like energy, manufacturing and transportation. The vulnerabilities ranged from medium to critical in severity.
US and Israel Warn of Iranian Threat Actor’s New Tradecraft
In November, the US and Israel issued a joint warning about the Iranian hacking group Cotton Sandstorm, which is using advanced techniques, including AI, to target critical infrastructure and influence elections. The group, also known as Marnanbridge and Haywire Kitten, was observed to have from ‘hack and leak’ operations against organizations primarily in Israel to a broader range of attacks impacting numerous countries, including Israel, France, Sweden and the US.
NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines
New guidelines published by the US National Institute of Standards and Technology (NIST) highlighted that using a mixture of character types in your passwords and regularly changing passwords are officially no longer best password management practices.
Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US
Nigeria-based cybercriminals known as the Yahoo Boys were behind a serge in sextortion activity targeting teenagers from Western English-speaking countries. Social media was found to be the platform of choice for these schemes to unfold and extort victims out of large sums of money.
Change Healthcare Cyber-Attack Leads to Prescription Delays
Change Healthcare suffered a ransomware attack in 2024 which led to delays in prescriptions being issued to patients. The data breach was said to affect 100 million Americans. The healthcare insurance firm later admitted to paying attackers, understood to be BlackCat, a $22m ransom in order to restore systems.
NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold
NIST almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD) from February 2024. In March, NIST unveiled that a new consortium would help it run the NVD. The NVD issues were alleged to be the result of a number of challenges, including NIST budget issues, discussions surrounding the replacement of some vulnerability standards and adoption of Package URLs, and the conclusion of a contract with an organization that works with NIST on the NVD.
Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems
Infosys McCamish Systems was hit by a ransomware attack in 2023. In 2024 it was revealed that the incident impacted over six million customers, exposing their Social Security Number, date of birth, medical treatment/record information and more. The company, which provides outsourcing services to financial and insurance companies, said it began notifying customers about the breach on June 27.
CISA Urges Improvements in US Software Supply Chain Transparency
The US Cybersecurity and Infrastructure Security Agency (CISA) published its third edition of Framing Software Component Transparency document which aims to improve the clarity and use of Software Bills of Materials (SBOMs). The document outlined essential SBOM attributes and said that simply including baseline information in an SBOM is insufficient to address all use cases. As the use of SBOMs grows, organizations will need to adopt more advanced practices for sharing and managing this data.
North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker
Cybersecurity firm KnowBe4 revealed in 2024 that it was the victim of a fake IT worker scam. The company inadvertently hired a fake North Korean IT works who attempted malicious activity, this was identified and prevented before illegal access was gained. The case demonstrates North Korea’s ongoing efforts to get fake workers employed in IT roles in Western companies, both as a means of generating revenue for the Democratic People’s Republic of Korea (DPRK) government and to conduct malicious cyber intrusions.
AnyDesk Hit by Cyber-Attack and Customer Data Breach
In early 2024, popular remote desktop software provider AnyDesk confirmed that its production systems had been compromised following a cyber-attack. The adversaries managed to steal source code and private code signing keys and gain access to the firm’s production systems. AnyDesk said that the breach was not related to ransomware and found no evidence that any end-user devices were affected.