Infosecurity News
North Korean Hackers Spoofing Journalist Emails to Spy on Policy Experts
The US warns that the North Korea-linked Kimsuky group is exploiting poorly configured DMARC protocols to spoof legitimate domains in espionage phishing campaigns
Indonesia is a Spyware Haven, Amnesty International Finds
Amnesty International found in Indonesia a murky ecosystem of surveillance suppliers, brokers and resellers that obscures the sale and transfer of surveillance technology
Android Flaw Affected Apps With 4 Billion Installs
Microsoft illustrated the severity of the issue via a case study involving Xiaomi’s File Manager
Hackers Target New NATO Member Sweden with Surge of DDoS Attacks
Sweden experienced a wave of DDoS attacks as the country was working towards joining NATO, Netscout found
Three-Quarters of CISOs Admit App Security Incidents
Dynatrace research claims global CISOs are concerned AI is driving advanced app security threats and poor developer practices
Security Breach Exposes Dropbox Sign Users
Attackers accessed emails, usernames, phone numbers, hashed passwords and authentication information
REvil Ransomware Affiliate Sentenced to Over 13 Years in Prison
A US court has sentenced a Ukrainian national to 13 years and seven months in prison for his role in over 2500 ransomware attacks using the REvil strain
US and UK Warn of Disruptive Russian OT Attacks
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
LockBit, Black Basta, Play Dominate Ransomware in Q1 2024
The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action
UnitedHealth CEO Confirms Breach Tied to Stolen Credentials, No MFA
Andrew Witty made the claims in a written testimony submitted before a House subcommittee hearing
1 in 5 US Ransomware Attacks Triggers Lawsuit
Comparitech found that 18% of ransomware incidents in the US led to a lawsuit in 2023, with 59% of completed lawsuits since 2018 proving successful
Lawsuits and Company Devaluations Await For Breached Firms
New report from Netwrix reveals unplanned expenses impact half of breached firms, including a surge in lawsuits
DBIR: Vulnerability Exploits Triple as Initial Access Point for Data Breaches
The growth of software supply chain attacks pushed vulnerability exploits to the third most used initial access method, Verizon found
Infosecurity Europe Keynote: Building Strong Teams and Driving Change with F1’s Claire Williams
Join Claire Williams at Infosecurity Europe to learn how F1 leadership strategies can inspire cybersecurity leaders
NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms
The UK’s National Cyber Security Centre claims its AMS model will protect firms from state-backed mobile threats
US Government Releases New Resources Against AI Threats
The US Department of Homeland Security has released new guidelines for securing critical infrastructure and CBRN from AI threats
Ransomware Rising Despite Takedowns, Says Corvus Report
The first quarter of 2024 saw the most ransomware activity ever recorded, Corvus Insurance found in a new analysis
YMCA Fined for Data Breach, ICO Raises Concerns About Privacy for People with HIV
Central YMCA was fined £7,500 for a data breach exposing HIV information of support program participants, prompting the ICO to call for stronger privacy protections for people with HIV
Millions of Malicious Containers Found on Docker Hub
According to JFrog, approximately 25% of all repositories lack useful functionality and serve as vehicles for spam and malware
Disinformation: EU Opens Probe Against Facebook and Instagram Ahead of Election
Meta’s moderation failings could allow coordinated disinformation campaigns to thrive in the run-up to the EU election