Category: Privacy/Governance Feed

A variant of the WikiLoader malware was observed being delivered via SEO poisoning and spoofing Palo Alto Networks’ GlobalProtect VPN software    – Read More  –  

Searchlight Cyber observed a 56% rise in active ransomware groups in H1 2024, demonstrating the growing fragmentation of the ransomware landscape    – Read More  –  

London’s transport body, TfL, is playing down the impact of a cybersecurity incident on its services    – Read More  –  

Three British men are facing jail after pleading guilty to running an MFA bypass site dubbed “OTP Agency”    – Read More  –  

Agencies under the #Stopransomware banner publish details of RansomHub group’s tactics, indicators of compromise and essential mitigations    – Read More  –  

Fota Wildlife Park in Co Cork has told visitors to its website to cancel credit and debit cards, following a cyber-attack    – Read More  –  

Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts    – Read More  –  

Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant    – Read More  –  

BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines    – Read More  –  

North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions    – Read More  –  

In a campaign targeting Mongolian government websites, Russian-backed APT29 leveraged exploits previously used by spyware vendors NSO Group and Intellexa    – Read More  –  

Forescout highlighted a 43% increase in published vulnerabilities in H1 2024, with attackers targeting flaws in VPNs and network infrastructure for initial access    – Read More  –  

Proofpoint has uncovered a new cyber-espionage campaign deploying new malware dubbed “Voldemort”    – Read More  –  

Truesec claims new Cicada3301 ransomware-as-a-service group could have ties to ALPHV/BlackCat and Brutus    – Read More  –  

The US FTC has proposed a $2.95m fine for security camera firm Verkada for alleged security failings that allowed hackers to access customers’ video footage    – Read More  –  

The Asian country’s law enforcement suspects the instant messaging app of abetting deepfake sex crimes    – Read More  –  

The UK’s ICO has identified children’s privacy concerns in 11 social media and video sharing platforms, warning of regulatory action if these issues are not addressed    – Read More  –  

The US Government Accountability Office has told the Environmental Protection Agency to urgently develop a strategy to tackle rising cyber-threats to the water industry    – Read More  –  

The rise in DDOS attacks against the gaming industry is accompanied by increasing bot activity    – Read More  –  

The UK’s NCSC is launching ACD 2.0, an advanced suite of cybersecurity tools and services designed to protect businesses from evolving cyber threats    – Read More  –  

CloudSek said the RansomEXX breach occurred via a misconfigured Jenkins server at Brontoo Technology    – Read More  –  

UK authorities shut down a scam platform responsible for over 1.3 million calls to 500,000 victims, resulting in millions of pounds in losses    – Read More  –  

Pharma company Cencora confirmed in an updated SEC filing that sensitive personal and health data was exfiltrated by attackers in a February 2024 incident    – Read More  –  

The “Eriakos” info-stealing campaign is using hundreds of fake web shops to defraud victims    – Read More  –  

A Vipre study reveals a 20% increase in business email compromise attacks    – Read More  –