Infosecurity News
#Infosec2024: Why Human Risk Management is Cybersecurity's Next Step for Awareness
With most cyber-attacks still involving a non-malicious human element, it is clear that awareness training alone is insufficient, this is where human risk management comes into play
#Infosec2024: Charity Bridges Digital Divide and Fuels New Cyber Talent
Every Child Online, a UK charity, tackles the digital divide and potential cybersecurity skills gap by offering free refurbished IT equipment to underprivileged children
Health Information Published Online After MediSecure Ransomware Attack
MediSecure confirmed that limited health data of customers was posted onto a dark web forum, with a 6.5TB dataset reportedly put up for sale
Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day
Microsoft has warned of surging gift card fraud and sophisticated approaches from the group Storm-0539
Fake Pegasus Spyware Strains Populate Clear and Dark Web
Actors in the clear and dark web are distributing fake source codes of the Pegasus spyware for financial gain
Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
According to Enea, these campaigns use cloud storage platforms to host malicious websites, sending links via SMS to bypass firewalls
Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web
Resecurity reported a 300% spike in cyber-attacks post-#OpIsrael, intensifying since #OpIndia last year
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database
National Records of Scotland Data Breached in NHS Cyber-Attack
National Records of Scotland said sensitive personal data was part of information published online following a ransomware attack on NHS Dumfries and Galloway
GitHub Fixes Maximum Severity Flaw in Enterprise Server
A newly patched GitHub Enterprise Server bug has a CVSS score of 10
PSNI Faces £750,000 Data Breach Fine After Spreadsheet Leak
The Police Service of Northern Ireland has been fined £750K following a serious data breach last year
Report Reveals 341% Rise in Advanced Phishing Attacks
This data comes from SlashNext’s mid-year State of Phishing 2024 report
UserPro Plugin Vulnerability Allows Account Takeover
The plugin is used by over 20,000 sites and enables users to create customizable community websites
Chinese Hackers Rely on Covert Proxy Networks to Evade Detection
Volt Typhoon and other Chinese cyber espionage actors are relying on operational relay box (ORB) networks, Mandiant has observed
Mastercard Doubles Speed of Fraud Detection with Generative AI
Mastercard said it is using generative AI-based predictive technology to double the speed at which it can detect potentially compromised cards
US Unveils $50M Program to Help Hospitals Patch Cybersecurity Gaps
The US government UPGRADE program aims to automate vulnerability management in hospital environments, ensuring minimum disruption to services
UK Government in £8.5m Bid to Tackle AI Cyber-Threats
The government is spending millions on research into AI safety
Authorized Push Payment Fraud Cases Surge 12% Annually
UK Finance figures reveal romance, purchase and investment scams drove up authorised push payment fraud in 2023
Russia’s DoppelGänger Campaign Manipulates Social Media
Operation Matriochka has been challenging the credibility of journalists and fact-checkers since May 2022
70% of CISOs Expect Cyber-Attacks in Next Year, Report Finds
Proofpoint said the shift to remote and hybrid work has expanded the attack surface for many businesses
