Infosecurity News

  1. Unicoin Staff Locked Out of G-Suite in Mystery Attack

    Employees at crypto firm Unicoin couldn’t access Google services for four days during a recent breach

  2. US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers

    Two Congressmen fear that the Chinese government might use TP-Link Wi-Fi routers to deploy hacking and espionage campaigns in the US

  3. Microsoft Mandates MFA for All Azure Sign-Ins

    Microsoft is mandating MFA for all Azure sign-ins, with customers given 60-day advance notices to start implementation

  4. Florida-Based National Public Data Confirms Data Breach

    The US data broker did not address the threat actor’s claim that the breach concerns 2.9 billion records

  5. Geopolitical Tensions Drive Explosion in DDoS Attacks

    Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions

  6. Cyber-criminals Exploited Paris Olympics With Fake Domains

    166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting

  7. Advanced ValleyRAT Campaign Hits Windows Users in China

    Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems

  8. Russia's FSB Behind Massive Phishing Espionage Campaign

    Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group

  9. Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

    Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

  10. Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

    Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign

  11. SolarWinds Urges Upgrade After Revealing Critical RCE Bug

    SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk

  12. New Phishing Attack Uses Sophisticated Infostealer Malware

    The phishing attack uses infostealer malware to target saved passwords, credit cards & Bitcoin info

  13. Manufacturing Firm Loses $60m in BEC Scam

    Manufacturing firm Orion revealed it has lost $60m in a business email compromise (BEC) scam, which targeted a non-executive employee

  14. Research Uncovers New Microsoft Outlook Vulnerability

    CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103

  15. High-Risk Cloud Exposures Surge Due to Rapid Service Growth

    Firms are introducing 300 services monthly, contributing to 32% of high or critical cloud exposures

  16. Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot

    Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical

  17. Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas

    A cyber-attack has hit several boroughs across Greater Manchester, England, leaving thousands of residents vulnerable to a phishing scam

  18. NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative

    The UK’s National Cyber Security Centre wants to test the effectiveness of cyber-deception tactics

  19. Microsoft Fixes Nine Zero-Days on Patch Tuesday

    Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities

  20. Gold Mining Firm in Australia Reports Ransomware Breach

    In a Monday filing with the ASX, Evolution Mining stated that the incident was contained

Why Not Watch?

  1. Securing M365 Data and Identity Systems Against Modern Adversaries

  2. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  3. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

  4. Time Is a New Attack Surface: Securing Networks with Trusted Time Synchronization

What’s Hot on Infosecurity Magazine?