Infosecurity News

  1. CISA Emergency Directive Demands Action on Ivanti Zero-Days

    US security agency CISA orders all civilian federal agencies to take immediate steps to mitigate two Ivanti zero-day flaws

  2. Russian Spies Brute Force Senior Microsoft Staff Accounts

    Russian intelligence hackers compromise emails of senior Microsoft leadership with simple password spray attacks

  3. Russian Coldriver Hackers Deploy Malware to Target Western Officials

    Google has warned that the Russia-linked Coldriver has expanded its targeting of Western officials by deploying malware to exfiltrate sensitive data

  4. Experts Urge Clearer Direction in South Africa's Cyber Strategy

    South Africa’s cyber defenses have been lacking direction and resources for too long, researchers from the Carnegie Endowment for International Peace argued

  5. TA866 Resurfaces in Targeted OneDrive Campaign

    Proofpoint said it thwarted a large-scale campaign on January 11 primarily targeting North America

  6. New Malware Campaign Exploits 9hits in Docker Assault

    Discovered by Cado Security, the campaign deploys two containers to vulnerable Docker instances

  7. Iranian Phishing Campaign Targets Israel-Hamas War Experts

    Microsoft said the social engineering campaign aims to steal sensitive data from experts deemed to be able to influence intelligence and policies relating to the Israel-Hamas War

  8. Illicit Cryptocurrency Flows Drop 39% in 2023

    Chainalysis data shows major drop in value of funds received into underground crypto addresses in 2023, to $24.2bn

  9. NCSC Builds New “Cyber League” Threat Tracking Community

    The UK’s National Cyber Security Centre has launched a Cyber League to monitor emerging cyber-threats

  10. AI, Gaming, FinTech Named Major Cybersecurity Threats For Kids

    Kaspersky also noted smart home device popularity and malicious apps as threats to children in 2024

  11. Vendor Email Attacks Surged by 137% in Financial Sector in 2023

    Abnormal Security also noted a 71% surge in BEC attacks against the same sector

  12. OpenAI Announces Plans to Combat Misinformation Amid 2024 Elections

    OpenAI will implement a provenance standard into DALL-E 3 and link ChatGPT to an authoritative election website in the US

  13. 75% of Organizations Hit by Ransomware in 2023

    Veeam found that 75% of organizations suffered at least one ransomware attack last year, with 26% hit four or more times

  14. US Government Urges Action to Mitigate Androxgh0st Malware Threat

    An advisory from the FBI and CISA says threat actors are deploying the Androxgh0st malware for victim identification and exploitation in target networks

  15. Majorca Tourist Hotspot Hit With $11m Ransom Demand

    Municipality of Calvià on the Spanish island of Majorca was hit by a ransomware attack last weekend

  16. GitHub Rotates Credentials and Patches New Bug

    GitHub urges customers to apply a new patch and take action if impacted by credential rotation

  17. Phemedrone Stealer Targets Windows Defender Flaw Despite Patch

    The malware targets browsers, steals crypto wallet and messaging app data, and collects system information

  18. New Tool Identifies Pegasus and Other iOS Spyware

    Kaspersky experts developed the tool after analyzing Shutdown.log, a file retaining reboot information

  19. Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

    In its latest Email Security Risk Report, Egress found that businesses were 10% more negatively affected by phishing attacks in 2023 than in 2022

  20. Crypto Heists Surge in 2023, $16.93m Already Stolen in 2024

    Comparitech revealed crypto heists increased in volume by 42% last year

Why Not Watch?

  1. Five Non-Negotiable Strategies to Get Identity Security Right in 2026

  2. How To Enhance Security Operations with AI-Powered Defenses

  3. Audit & Compliance in the Era of AI and Emerging Technology

  4. Revisiting CIA: Developing Your Security Strategy in the SaaS Shared Reality

What’s Hot on Infosecurity Magazine?