Infosecurity News

  1. Ransomware Attacks Surge to Record High in December 2024

    NCC Group observed 574 global ransomware attacks in December, the highest monthly volume it has recorded

  2. Major Cybersecurity Vendors' Credentials Found on Dark Web

    Cyble has found thousands of security vendors' credentials on the dark web, likely pulled from infostealer logs

  3. Account Compromise and Phishing Top Healthcare Security Incidents

    Netwrix claims 84% of healthcare organizations detected a cyber-attack in the past year

  4. Cloudflare Mitigates Record-Breaking 5.6Tbps DDoS Attack

    Cloudflare warns of a surge in hyper-volumetric DDoS after revealing it stopped a massive 5.6Tbps attack

  5. New Mirai Malware Variant Targets AVTECH Cameras, Huawei Routers

    Murdoc_Botnet used Mirai malware to exploit IoT vulnerabilities, targeting devices globally

  6. UK’s New Digital IDs Raise Security and Privacy Fears

    Security experts have outlined security and privacy concerns around the UK government’s GOV.UK Wallet, which will allow citizens to store all their ID documents in a single place

  7. Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks

    A CloudSEK report revealed Zendesk's platform can be exploited for phishing and investment scams

  8. GDPR Fines Total €1.2bn in 2024

    Data from DLA Piper showed a 33% year-on-year fall in GDPR fines issued in Europe in 2024, with total penalties reaching €1.2bn

  9. Oracle To Address 320 Vulnerabilities in January Patch Update

    Critical flaws include those in Oracle Supply Chain products

  10. Russian Ransomware Groups Deploy Email Bombing and Teams Vishing

    Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware

  11. Most European Privacy Teams Are Understaffed and Underfunded

    ISACA research claims privacy budgets are set to decline further in 2025

  12. HPE Launches Investigation After Hacker Claims Data Breach

    HPE is investigating claims of data breach by hacker IntelBroker, who offered stolen files for sale

  13. Indian APT Group DONOT Misuses App for Intelligence Gathering

    Android apps, linked to APT group DONOT, disguised as a chat platform for intelligence gathering

  14. Ukraine's State Registers Restored Following Cyber-Attack

    The December 2024 cyber-attack on the country’s state registers, was attributed to Russian military intelligence services

  15. US Sanctions Chinese Hackers for Treasury, Telecom Breaches

    The US has issued sanctions against an individual and a company involved in recent high-profile compromises of government officials by Chinese state-affiliated hackers

  16. Former CIA Analyst Pleads Guilty to Sharing Top Secret Files

    CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack

  17. Data on Half a Million Hotel Guests Exposed After Otelier Breach

    At least half a million accounts have been compromised after a breach at hotel management software firm Otelier

  18. US Supreme Court Gives Green Light to TikTok Ban

    The Supreme Court has upheld a law that could potentially ban TikTok in the US

  19. Lazarus Group Targets Developers in New Data Theft Campaign

    SecurityScorecard identified a new campaign in which the North Korean Lazarus group aims to steal source code, secrets and cryptocurrency wallet keys from developer environments

  20. Star Blizzard Targets WhatsApp in New Campaign

    Microsoft highlighted a new Star Blizzard campaign targeting WhatsApp accounts, as the group adapts its TTPs following the takedown of its infrastructure by law enforcement

Why not watch?

  1. Alert Fatigue: What Are You and Your Security Teams Missing?

  2. How to Manage Your Risks and Protect Your Financial Data

  3. Navigating Exposures in Energy ICS Environments

  4. Auditing AI Risk: Essential Strategies for IT & Compliance Leaders

What’s hot on Infosecurity Magazine?