Infosecurity News
Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox
Kryptina, a free Ransomware-as-a-Service tool available on dark web forums, is now being used by Mallox ransomware affiliates
Vulnerabilities Found in Popular Houzez Theme and Plugin
The flaws are dangerous as the Houzez theme and Login Register plugin could allow privilege escalation by unauthenticated users
Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure
An overall rise in cyber incidents coming from Russian-aligned adversaries in 2024 was accompanied by a decrease in high and critical-severity incidents
LinkedIn Pauses GenAI Training Following ICO Concerns
The Information Commissioner’s Office says it’s pleased that LinkedIn has temporarily suspended its generative AI model training
German Police Shutter 47 Criminal Crypto Exchanges
Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime
US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities
In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience
Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable
A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training
Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions
The bank giant and Quantinuum trialed the first application of quantum-secure technology for buying and selling tokenized physical gold
Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data
Infostealer malware and digital identity exposure behind rise in ransomware, researchers find
Western Agencies Warn Risk from Chinese-Controlled Botnet
Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group
8000 Claimants Sue Outsourcing Giant Capita Over 2023 Data Breach
A Manchester law firm has filed a lawsuit against outsourcing giant Capita, representing nearly 8000 claimants who were affected by a cyber-attack in 2023
FCC $200m Cyber Grant Pilot Opens Applications for Schools and Libraries
US Schools and libraries have until November 1, 2024 to enrol for a three-year program during which participants will receive discounts on eligible cybersecurity services and equipment
Cryptojacking Gang TeamTNT Makes a Comeback
Group-IB claims to have found evidence of a new TeamTNT cryptojacking campaign
Insecure APIs and Bot Attacks Cost Global Firms $186bn
Thales claims API insecurity and automated bot abuse is costing organizations an estimated $186bn annually
Critical Infrastructure at Risk From Email Security Breaches
Critical infrastructure security undermined by weakness in email protection, researchers warn
Google Street View Images Used For Extortion Scams
Attackers use Google Street View images to put pressure on victims of “sextortion” scams
Europol Taskforce Disrupts Global Criminal Network Through Supply Chain Attack
The suspected creator of Ghost, an encrypted communication platform allegedly used by organized crime groups worldwide, has been arrested
AT&T Agrees $13m FCC Settlement Over Cloud Data Breach
Telco giant AT&T will pay the FCC $13m to resolve a cloud breach investigation
CISA Issues Advice to Help Eliminate XSS Bugs
The US Cybersecurity and Infrastructure Security Agency is trying to eradicate cross-site scripting vulnerabilities
US Looks to Align Security Across Government
CISA project will align cybersecurity polices across the Federal Civilian Executive Branch of US government
