Infosecurity News
EU Launches Investigation Into TikTok Over Child Protection and Privacy Concerns
TikTok is suspected of breaching the EU’s Digital Services Act requirements on transparency, privacy and obligations to protect minors
Ukrainian Faces Decades in Prison for Leading Prolific Malware Campaigns
The US DoJ said that the Ukrainian national has pleaded guilty to leading the Zeus and IcedID malware campaigns, which resulted in losses of tens of millions of dollars
Israeli Aircraft Survive “Cyber-Hijacking” Attempts
Hackers have attempted to divert two commercial Israeli aircraft in recent days, reports claim
Fifth of British Kids Have Broken the Law Online
A new National Crime Agency study reveals 20% of 10- to 16-year-olds have violated the Computer Misuse Act
New Ivanti Vulnerability Observed as Widespread Security Concerns Grow
After discovering a new vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways, Ivanti is under fire for poor security practices
Hackers Exploit EU Agenda in Spear Phishing Campaigns
Adversaries targeting EU-based victims increasingly leverage EU affairs in spear phishing attacks, CERT-EU found
PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif and DarkGate
Cybercriminals are increasingly using PDFs to deliver malware, with a 7% rise in threats detected in Q4 2023 compared to Q1, according to a HP Wolf Security report
“TicTacToe Dropper” Malware Distribution Tactics Revealed
A new Fortinet analysis revealed a plethora of final-stage payloads delivered by a series of malware droppers
Prudential Financial Faces Cybersecurity Breach
The breach exposed administrative and user data from specific IT systems, but there is no evidence of customer or client data compromise
Crypto-Money Laundering Records 30% Annual Decline
Chainalysis data reveals a near-30% fall in the value of digital currency being laundered in 2023
Microsoft, OpenAI Confirm Nation-States are Weaponizing Generative AI in Cyber-Attacks
Microsoft and OpenAI found that nation-state groups are using generative AI tools to support cyber campaigns rather than developing novel attack techniques
GoldPickaxe Trojan Blends Biometrics Theft and Deepfakes to Scam Banks
Group-IB warns of new Trojan GoldPickaxe designed to bypass banking facial recognition with deepfakes
Water Hydra’s Zero-Day Attack Chain Targets Financial Traders
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe
PII Input Sparks Cybersecurity Alarm in 55% of DLP Events
Menlo Security’s latest report also revealed a 26% surge in security policies tailored for generative AI sites
Iranian Hackers Target Israel and US to Sway Public Opinion in Hamas Conflict
Iran-aligned adversaries have attempted to use cyber tactics to sway public opinion of the Israel-Hamas war, Google found in a new report
Cybersecurity Spending Expected to be Slashed in 41% of SMEs
JumpCloud found that 41% of SME IT professionals expect cybersecurity spending to be cut in their organization, increasing the risk of cyber-attacks
Microsoft Fixes Two Zero-Days in February Patch Tuesday
Two zero-day bugs actively exploited in the wild now have official Microsoft patches
Romantic AI Chatbots Fail the Security and Privacy Test
Mozilla warns of serious security and privacy concerns over romantic chatbots downloaded by 100 million users
Southern Water Notifies Customers and Employees of Data Breach
UK utilities firm Southern Water has informed 5-10% of its customer base that their personal data has been accessed following a ransomware attack in January
