Cybersecurity researchers warn that the recent attacks on Denmark’s energy sector highlight the need for critical infrastructure organizations across Europe to remain vigilant against exploits targeting unpatched network infrastructure devices.

The leaked data, containing names, phone numbers, and addresses, appears to be accurate according to users listed in the file. Customers should be cautious of potential smishing attacks and the misuse of their information for fraudulent purposes.

The complexity of attributing cyber incidents to specific entities, such as nation-states or criminal groups, poses challenges when applying exclusions in insurance policies.

The World Economic Forum’s Global Risks Report 2024 highlights the increasing threat of cyber threats, with misinformation and disinformation being identified as the most severe risk globally.

The NCSC-FI has warned of increased Akira ransomware attacks in December. These attacks targeted companies in Finland and involved wiping backups, making it difficult for victims to recover their data without paying a ransom.

A new Python-based hacking tool called FBot has been discovered, targeting web servers, cloud services, content management systems, and SaaS platforms like Amazon Web Services and Microsoft 365.

MC2 Security Fund has completed its acquisition of Trustwave, a managed security services provider, expanding its reach and placing Trustwave in front of Chertoff Group customers in the commercial and public sectors.

Smaller organizations are increasingly reliant on cloud and online services, making them vulnerable to cyber threats. The guide provides practical advice on choosing the right service, securing user accounts, and recovering from a cyberattack.

Threat group Water Curupira, known for its Cobalt Strike backdoors, recently transitioned to using Pikabot malware in phishing campaigns. Pikabot witnessed a surge in activity in Q4 2023, potentially serving as a replacement for Qakbot after its takedown. Users must exercise caution with email attachments and verify sender authenticity.

The breach occurred in August 2023 when threat actors gained unauthorized access to a company server and stole unencrypted files containing medical records, personal information, and employment records.