Infosecurity News
LockBit Ransomware Developer Extradited to US
US authorities have extradited Rostislav Panev on charges of being a developer of the notorious LockBit ransomware
Fraudsters Impersonate Clop Ransomware to Extort Businesses
Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data
Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director
Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13
Volt Typhoon Accessed US OT Network for Nearly a Year
Volt Typhoon's ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid
CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure
CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics
‘ClickFix’ Phishing Scam Impersonates Booking.com to Target Hospitality
Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware
Tech Complexity Puts UK Cybersecurity at Risk
Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture
VC Investment in Cyber Startups Surges 35%
VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously
UK ICO Fires GDPR “Warning Shot” Over Use of Children’s Data
The UK’s information commissioner has warned that all digital firms using children’s data must follow the GDPR
ISACA London Chapter's E-Voting System Comes Under Scrutiny
ISACA London Chapter members demand e-voting system investigation over security and privacy concerns
iOS 18.3.2 Patches Actively Exploited WebKit Vulnerability
iOS 18.3.2 patches actively exploited WebKit flaw, addressing critical security risks for users
Trump Administration Shakes Up CISA with Staff and Funding Cuts
In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated
Machine Identities Outnumber Humans Increasing Risk Seven-Fold
Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report
Chinese Hackers Implant Backdoor Malware on Juniper Routers
Mandiant revealed that Chinese espionage actor UNC3886 has deployed modified versions of the TinyShell backdoor across multiple Juniper OS routers
Microsoft Patches a Whopping Seven Zero-Days in March
Microsoft has fixed seven zero-days this Patch Tuesday, including one not currently being actively exploited
UK Cybersecurity Sector Revenue Grows 12% to Top £13bn
The UK’s cybersecurity sector added thousands of workers and over £1bn in revenue in 2024
Blind Eagle Targets Colombian Government with Malicious .url Files
Blind Eagle has been running campaigns targeting the Colombian government with malicious .url files and phishing attacks
New York Sues Allstate Over Data Breach and Security Failures
New York sues Allstate over data breach, alleging security failures that exposed the driver’s license numbers of nearly 200,000 individuals
95% of Data Breaches Tied to Human Error in 2024
Mimecast found that insider threats, credential misuse and user-driven errors were involved in most security incidents last year
CISA Urges All Organizations to Patch Exploited Critical Ivanti Vulnerabilities
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog
