Security News > 2024 > December

Also, Ascension notifies 5.6M victims, Krispy Kreme bandits come forward, LockBit 4.0 released, and more in brief Google has announced plans to allow its business customers to begin...

Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of...

Italy's data protection authority has fined ChatGPT maker OpenAI a fine of €15 million ($15.66 million) over how the generative artificial intelligence application handles personal data. The fine...

Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back in 2017, I was...

In this Help Net Security interview, Jason Passwaters, CEO of Intel 471, discusses how integrating cybercrime intelligence into an organization’s security strategy enables proactive threat...

As these threat actors become increasingly strategic and harder to detect, organizations must take all measures to protect their data, including cybersecurity training. In this Help Net Security...

With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to threats. In this...

North Korean hackers have stolen $1.34 billion worth of cryptocurrency across 47 cyberattacks that occurred in 2024, according to a new report by blockchain analysis company Chainalysis. [...]

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: MUT-1244 targeting security researchers, red teamers, and threat actors A threat actor tracked as...

A new Microsoft 365 phishing-as-a-service platform called "FlowerStorm" is growing in popularity, filling the void left behind by the sudden shutdown of the Rockstar2FA cybercrime service. [...]