The hacking groups ShinyHunters and Nemesis have executed a large-scale cyber operation exploiting vulnerabilities in public websites, resulting in the theft of sensitive data from numerous organizations.
A sophisticated phishing campaign is targeting job seekers through fraudulent job listings, distributing the AppLite Banker malware variant primarily on Android devices to steal personal and corporate credentials.
The increasing frequency of cyberattacks on software supply chains, exemplified by incidents like the SolarWinds and Okta breaches, underscores the urgent need for enhanced security measures and continuous monitoring to protect against vulnerabilities.
The number of cyber-attacks reported by large regulated financial institutions to the UK’s Financial Conduct Authority has significantly decreased by 53% in 2024, attributed to enhanced regulations and increased vigilance within the sector.
A critical zero-day vulnerability, CVE-2024-49138, in the Microsoft Windows Common Log File System Driver poses significant risks, allowing local attackers to execute arbitrary code and elevate privileges, with active exploitation reported.
The UK’s Information Commissioner’s Office has decided to extend its revised public sector approach, which emphasizes warnings and reprimands over fines, following a successful two-year trial that improved data protection compliance among public sector organizations.
