Infosecurity News

  1. Microsoft Mandates MFA for All Azure Sign-Ins

    Microsoft is mandating MFA for all Azure sign-ins, with customers given 60-day advance notices to start implementation

  2. Florida-Based National Public Data Confirms Data Breach

    The US data broker did not address the threat actor’s claim that the breach concerns 2.9 billion records

  3. Geopolitical Tensions Drive Explosion in DDoS Attacks

    Radware found that Web DDoS attacks rose by 265% in H1 2024, driven by hacktivist groups amid rising geopolitical tensions

  4. Cyber-criminals Exploited Paris Olympics With Fake Domains

    166 Olympics-related domains displayed signs of DNS abuse like keyword stuffing and typosquatting

  5. Advanced ValleyRAT Campaign Hits Windows Users in China

    Discovered by FortiGuard Labs, the ValleyRAT campaign targets Chinese Windows systems

  6. Russia's FSB Behind Massive Phishing Espionage Campaign

    Citizen Lab attributed the campaign to Coldriver, a notorious FSB subordinate team, and Coldwastrel, a new, Russian-aligned group

  7. Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

    Ransom payments in the first half of 2024 hit $460m, according to Chainalysis

  8. Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

    Google has highlighted sophisticated spearphishing attacks by Iranian state actor APT42 targeting individuals associated with the US Presidential campaign

  9. SolarWinds Urges Upgrade After Revealing Critical RCE Bug

    SolarWinds has discovered and fixed a critical remote code execution vulnerability in Web Help Desk

  10. New Phishing Attack Uses Sophisticated Infostealer Malware

    The phishing attack uses infostealer malware to target saved passwords, credit cards & Bitcoin info

  11. Manufacturing Firm Loses $60m in BEC Scam

    Manufacturing firm Orion revealed it has lost $60m in a business email compromise (BEC) scam, which targeted a non-executive employee

  12. Research Uncovers New Microsoft Outlook Vulnerability

    CVE-2024-38173 is a medium severity RCE flaw in Microsoft Outlook, similar to CVE-2024-30103

  13. High-Risk Cloud Exposures Surge Due to Rapid Service Growth

    Firms are introducing 300 services monthly, contributing to 32% of high or critical cloud exposures

  14. Critical Vulnerability Found in Microsoft’s AI Healthcare Chatbot

    Tenable detailed two privilege escalation vulnerabilities in the Azure Health Bot Service, one of which has been rated critical

  15. Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas

    A cyber-attack has hit several boroughs across Greater Manchester, England, leaving thousands of residents vulnerable to a phishing scam

  16. NCSC Calls on UK Firms to Join Mass Cyber-Deception Initiative

    The UK’s National Cyber Security Centre wants to test the effectiveness of cyber-deception tactics

  17. Microsoft Fixes Nine Zero-Days on Patch Tuesday

    Microsoft’s August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities

  18. Gold Mining Firm in Australia Reports Ransomware Breach

    In a Monday filing with the ASX, Evolution Mining stated that the incident was contained

  19. NIST Formalizes World's First Post-Quantum Cryptography Standards

    NIST has formalized three post-quantum cryptographic algorithms, with organizations urged to start the transition to quantum-secure encryption immediately

  20. East Valley Institute of Technology Data Breach Exposes Over 200,000 Records

    The EVIT breach exposed the data of 208,717 individuals, including students, faculty and parents

Why not watch?

  1. Mastering Australian Privacy Act and Essential Eight While Improving Cybersecurity Posture

  2. Dispelling the Myths of Defense-Grade Cybersecurity

  3. Navigating Exposures in Energy ICS Environments

  4. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

What’s hot on Infosecurity Magazine?