A new Europol-led operation has dismantled infrastructure for key initial access malware used to launch ransomware attacks – Read More –
Category: Privacy/Governance Feed
Operation Raptor also resulted in the seizure of $184m and a record amount of illegal drugs, firearms and drug trafficking proceeds – Read More –
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace – Read More –
Malware campaign exploiting TikTok’s popularity has been observed using social engineering to spread Vidar and StealC – Read More –
Kettering Health is facing significant disruptions from a cyber-attack that impacted patient care – Read More –
The US cryptocurrency exchange claimed that the breach occurred in December 2024 – Read More –
The unpatched vulnerabilities, with a CVSS score of 8.6 to 10.0, can lead to remote code execution via authentication bypass – Read More –
West Lothian Council confirmed that ransomware attackers have stolen personal and sensitive information held on its education network – Read More –
Law enforcers worldwide have teamed up with Microsoft to disrupt the infrastructure behind Lumma Stealer – Read More –
NSA, NCSC and allies warn Western tech and logistics firms of Russian APT28 cyber-espionage threat – Read More –
UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill – Read More –
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer – Read More –
Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns – Read More –
The 19-year-old and his accomplices obtained key data for the extortion scheme in a 2022 breach of a US telco – Read More –
ITRC report finds that 39% of American consumers believe biometric use should be banned – Read More –
An M&S trading update estimates the ongoing cyber-incident will cost £300m, largely from lost sales due to the suspension of online orders – Read More –
A new NCSC guide offers useful information on how to safely and securely dispose of end-of-life assets – Read More –
The Venice.ai chatbot gained traction in hacking forums for its uncensored access to advanced models – Read More –
A data breach at Nationwide Recovery Services compromised data of 200,000 Harbin Clinic patients – Read More –
Researchers at ESET observed strengthened cyber-offensive activity from Russian groups, especially against Ukrainian and European entities – Read More –
Thales found that 73% of organizations are investing in AI-specific security tools, amid surging takeup of GenAI tools in enterprises – Read More –
Around half of US and UK consumers have seen fraud ads and content on ‘refund hacks’ on social media – Read More –
Regeneron, which intends to acquire 23andMe for $256m, says data security and privacy will be a priority – Read More –
Malicious dbgpkg package on PyPI poses as a debugging utility but acts as a delivery mechanism for a stealthy backdoor – Read More –
RomethemeKit for Elementor has released a patch addressing an RCE vulnerability exposing 30,000 sites – Read More –
Civil society groups and academics are calling for the EU’s GDPR to remain unchanged following the EU Commission’s plans to revisit it – Read More –
An Alabama man has been sentenced to 14 months for hacking the SEC’s X account – Read More –
The UK government says that hackers accessed a “large amount” of personal information in attack on Legal Aid Agency – Read More –
Security experts tell Infosecurity about the cloud attack trends in the past year, and how CISOs can mitigate evolving techniques – Read More –
The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials – Read More –
An analysis by Robert Walters found there are around 17,000 cybersecurity vacancies in the UK currently, with organizations struggling to fill open positions – Read More –
In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page – Read More –
New data from Darktrace showed that cyber-attacks targeting healthcare organizations increased in intensity in 2024 – Read More –
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m – Read More –
A stealthy fileless PowerShell attack using Remcos RAT bypassed antivirus by operating in memory – Read More –
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 – Read More –
Dior confirmed a data breach compromising customer personal information, discovered on May 7 – Read More –
Researchers discovered over 3000 Linux vulnerabilities in 2024, the most of any category – Read More –
The voluntary cybersecurity charter asks NHS suppliers to commit to eight cybersecurity pledges, amid rising attacks on healthcare – Read More –
Most online merchants now believe customers pose as big a threat as professional fraudsters – Read More –
The ransomware landscape is more fragmented than ever, with no “market leader,” says William Lyne, Head of Intelligence at the NCA – Read More –
Android Enterprise introduced Device Trust to enhance mobile security on Android devices – Read More –
CISA paused plans to overhaul its advisory system after backlash from the infosec community – Read More –
Fortinet and Ivanti published advisories on the same day revealing that attackers are exploiting new zero days, one of which is rated critical – Read More –
While appearing unsophisticated on the surface, Chihuahua Stealer uses advanced methods – Read More –
Law enforcers from multiple countries team up to dismantle a multimillion-euro fraud gang – Read More –
Microsoft has patched seven zero-day bugs, five of which were exploited in the wild – Read More –
Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for over a year, according to Microsoft – Read More –
Cyber espionage campaign linked to North Korean actor TA406 targeted Ukrainian government entities – Read More –
CISA won’t post standard cybersecurity updates on its website, shifting to email and social media – Read More –