Infosecurity News
BadIIS Malware Exploits IIS Servers for SEO Fraud
Trend Micro uncovers BadIIS malware exploiting IIS servers for SEO fraud and malicious redirects
Georgia Hospital Alerts 120,000 Individuals of Data Breach
Memorial Hospital and Manor, located in Bainbridge, Georgia, has alerted 120,000 individuals that their data was breached following a ransomware attack last November
US: Man Gets 20 Years for $37m Crypto Heist
A US resident based in Indiana was charged with cyber intrusion and cryptocurrency theft conspiracies
UK Military Fast-Tracks Cybersecurity Recruitment
The UK MoD has announced it is fast-tracking the recruitment of specialist cybersecurity roles, with recruits offered a starting salary of above £40,000
Experts Dismayed at UK’s Apple Decryption Demands
Security and privacy experts have questioned a new demand from the UK Home Office on Apple’s encrypted iCloud service
Europol Warns Financial Sector of “Imminent” Quantum Threat
Europol has urged the financial sector to prioritize quantum-safe cryptography
Most UK GDPR Enforcement Actions Targeted Public Sector in 2024
27 UK public sector organizations faced ICO enforcement actions in 2024, with three fines issued, according to URM Consulting
Malicious AI Models on Hugging Face Exploit Novel Attack Technique
The technique, called nullifAI, allows the models to bypass Hugging Face’s protective measures against malicious AI models
Third-Party Risk Management Failures Expose UK Finance Sector
Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies
Cybercriminals Weaponize Graphics Files in Phishing Attacks
Sophos has observed cybercriminals ramping up their use of graphics files as part of email phishing attacks to bypass conventional security protections
Europol Cracks Down on Global Child Abuse Network “The Com”
US and Europol dismantle neo-Nazi child abuse network in global crackdown against online exploitation
WordPress ASE Plugin Vulnerability Threatens Site Security
Patchstack urges admins to patch new WordPress ASE plugin vulnerability that lets users restore previous admin privileges
New UK Cyber Monitoring Centre Introduces 'Richter Scale' for Cyber-Attacks
This new independent non-profit was set up by the UK insurance industry to bring more transparency around cyber events
Lazarus Group Targets Bitdefender Researcher with LinkedIn Recruiting Scam
A Bitdefender researcher was targeted by North Korea’s Lazarus with the lure of a fake job offer
NCSC Issues Guidance to Protect UK Research and Innovation
The UK’s National Cyber Security Centre has published a new set of resources for startups and researchers
Spanish Police Arrest Suspected NATO and US Army Hacker
Spain’s National Police force has arrested a suspected data thief who targeted government and military victims
Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank
A new phishing attack by UAC-0006 has been discovered targeting PrivatBank with malicious files in password-protected archives to evade detection
Ransomware Payments Decline 35% as Victims Resist Demands
Chainalysis found that ransomware payments fell significantly year-over-year despite a recorded increase in the number of ransomware events in 2024
Mobile Malware Targeting Indian Banks Exposes 50,000 Users
Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing
Five Eyes Launch Guidance to Improve Edge Device Security
The UK and its Five Eyes partners have launched new security guidance for edge device manufacturers and network defenders
