Information security

Information security

A deadly overnight raid by Islamists on a Pakistani army outpost resulted in the deaths of 16 security personnel, claiming responsibility for the attack.

The incident questions the effectiveness of existing security measures at Christmas markets in Germany.

Hackney Council's financial struggles are exacerbated by a cyber attack recovery, leading to significant overspending on staffing and IT consulting.

Noblr was fined $500,000 for a data breach impacting over 80,000 New Yorkers, stressing the need for strong cybersecurity measures among auto insurance firms.

North Korean hackers significantly contribute to rising cryptocurrency theft, with $1.3bn stolen this year, showcasing an escalating threat in the crypto sector.

Rspack npm packages @rspack/core and @rspack/cli were compromised, leading to the distribution of malware through malicious versions published on npm.

Marriott and Starwood must implement a comprehensive information security program after FTC breaches affected over 344 million customers.

Cybersecurity incidents in 2024 highlight the risks of open-source attacks and the ongoing sophistication of bot attacks, necessitating improved security measures.

User 'Product Deactivated' errors in Office apps stem from administrative license changes.

Affected users can resolve issues through reactivation or restarting apps.

Edge browser's Copilot expected to reach 10 billion interactions by 2024, signifying growing AI usage.

Bing search engine sees daily usage by 140 million users, driven by Edge's features.

User-friendly tools and significant performance improvements contribute to Edge's rising popularity.

Retailers must prioritize safety, especially in parking lots, as it heavily influences consumer shopping decisions. Security technology is essential for boosting shopper confidence.

There is an ongoing activation issue in Microsoft 365 Office triggered by licensing changes by administrators.

Sophos has patched critical vulnerabilities in its Firewall products to prevent remote code execution and privileged access.

Zero Trust requires constant verification of user identities and access rights, significantly enhancing security in modern network environments.

Malicious typosquats of legitimate npm packages have been discovered, posing significant risks to developers.

CISA's BOD 25-01 mandates federal agencies to secure cloud environments and adopt secure configuration standards.

LockBit ransomware gang is launching LockBit 4.0 despite recent law enforcement setbacks, aiming to rebuild its brand and attract new affiliates.

Data breaches are rampant, and often result from companies failing to minimize the data they collect, leading to increased harm to victims.

North Korean hackers significantly contribute to the rise in cryptocurrency theft, reflecting an organized, state-sponsored cybercrime effort. They target crypto to evade sanctions.

The holiday season increases email scams, prompting users to be vigilant and report suspicious activities to protect themselves.

McDonald's India delivery system flaws exposed personal data and allowed unauthorized access to customer and driver information.

Vulnerabilities in their API were identified by a security researcher, leading to potential data risks.

The proposal to amend the Computer Misuse Act failed, highlighting the need for legal protections for cybersecurity professionals in the UK.

The CrowdStrike outage was a significant technological failure in 2024, but it also demonstrated effective recovery and the importance of cybersecurity vigilance.

The Computer Misuse Act needs urgent updates to address modern cyber security challenges and allow legitimate research.

Microsoft's Windows 11 24H2 has new audio and Auto HDR bugs affecting users, prompting temporary update halts.