Infosecurity News
CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure
CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics
‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Tech Complexity Puts UK Cybersecurity at Risk
Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture
VC Investment in Cyber Startups Surges 35%
VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously
UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data
The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR
ISACA London Chapter's E-Voting System Comes Under Scrutiny
ISACA London Chapter members demand e-voting system investigation over security and privacy concerns
iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability
iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users
Trump Administration Shakes Up CISA with Staff and Funding Cuts
In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated
Machine Identities Outnumber Humans Increasing Risk Seven-Fold
Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers
Microsoft Patches a Whopping Seven Zero-Days in March
Microsoft has fixed seven zero-days this Patch Tuesday, including one not currently being actively exploited
UK Cybersecurity Sector Revenue Grows 12% to Top £13bn
The UK’s cybersecurity sector added thousands of workers and over £1bn in revenue in 2024
Blind Eagle Targets Colombian Government with Malicious .url Files
Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks
New York Sues Allstate Over Data Breach and Security Failures
New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals
95% of Data Breaches Tied to Human Error in 2024
Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year
CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog
Record Number of Girls Compete in CyberFirst Contest
More than 14,500 girls from across the UK took part in this year’s CyberFirst Girls competition
DDoS Blamed as X Suffers Multiple Outages
Pro-Palestine Dark Storm Team group claims responsibility for major DDoS attacks on X
SIM Swapping Fraud Surges in the Middle East
SIM swapping fraud surges in the Middle East as cybercriminals exploit websites mimicking legitimate services to steal personal data
Surge in Malicious Software Packages Exploits System Flaws
A new report by Fortinet reveals techniques used by attackers to evade detection and compromise systems
