Infosecurity News
Congress Introduces Bill to Strengthen Healthcare Cybersecurity
The legislation aims to expand the federal government’s role in helping healthcare providers protect and respond to cyber-attacks
20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown
Interpol-coordinated Operation Secure led to 32 arrests, including the suspected ringleader of a cybercriminal organization
Hands-On Skills Now Key to Landing Your First Cyber Role
An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience
Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers
Half of Mobile Users Now Face Daily Scams
Malwarebytes claims 44% of mobile users are exposed to scams every day
Two Microsoft Zero-Days for Admins to Fix in June Patch Tuesday
Microsoft has patched two zero days this month, one of which is being exploited in the wild
Android Enterprise Rolls Out Security and Productivity Updates
Android Enterprise has introduced features for mobile security, device management and user productivity in its latest update
Mastery Schools Notifies 37,031 of Major Data Breach
A ransomware attack on Mastery Schools, Philadelphia, has compromised personal information of 37,031 individuals, exposing sensitive data
DDoS Attacks on Financial Sector Surge in Scale and Sophistication
The financial sector was the industry most targeted by distributed denial-of-service (DDoS) attacks in 2024, with a peak in October
SentinelOne Warns Cybersecurity Vendors of Chinese Attacks
SentinelOne revealed details of two new intrusion attempts by China-nexus actors
Wholesale Food Giant UNFI Admits Security Breach
UNFI says it is investigating unauthorized network activity, and that some operations are affected
PayU Plugin Flaw Allows Account Takeover on 5000 WordPress Sites
Vulnerability in PayU CommercePro plugin allows account hijacking on thousands of WordPress sites
New Wiper Malware Targets Ukrainian Infrastructure
New PathWiper malware targeted Ukrainian critical infrastructure, using legitimate tools for cyber-attacks
Trump Administration Revises Cybersecurity Rules, Replaces Biden and Obama Orders
A new Trump Executive Order limits the use of cybersecurity-related sanctions only against foreign malicious actors
US Tries to Claw Back $7m Taken by North Korean IT Workers
The Justice Department has filed a civil forfeiture complaint alleging North Korean IT workers amassed $7m+
FBI Warns Smart Home Users of Badbox 2.0 Botnet Threat
The FBI says mainly Chinese-made IoT devices pose a threat from Badbox 2.0 malware
Scattered Spider Uses Tech Vendor Impersonation and Phishing Kits to Target Helpdesks
The ransomware group combines IT vendor impersonation and phishing frameworks like Evilginx to breach its targets
#Infosec2025: Top Six Cyber Trends CISOs Need to Know
Experts at Infosecurity Europe 2025 highlighted a range of major industry trends, from advanced social engineering techniques to vulnerability exploits
#Infosec2025: Cybersecurity Lessons From Maersk’s Former CISO
2017 ransomware attack on shipping company A P Moller Maersk marked a turning point for the cybersecurity industry, according to its former CISO Adam Banks
#Infosec2025: DNS Hijacking, A Major Cyber Threat for the UK Government
During Infosecurity Europe 2025, Nick Woodcraft, from the UK Government, shared his experience in implementing measures to protect domains within the .gov.uk DNS namespace
