Scammers are exploiting the need for loans for Christmas spending, leading to a surge in loan fee fraud – a type of scam where victims are promised loans they never receive, whilst being tricked into paying an upfront charge as a ‘deposit’ or ‘fee.’

The ENISA Threat Landscape for DoS Attacks report provides insights into the motivations, goals, and impacts of DoS attacks, highlighting the need for organizations to enhance their defenses and prepare prevention and remediation strategies.

In one recent case, attackers sent auto-generated emails with attached PDFs personalized with the recipient’s name, detailing an inflated charge for a Disney+ subscription.

A report by the US Government Accountability Office (GAO) has found that 20 US federal agencies have failed to meet the deadline for implementing incident response capabilities required by law.

The breach occurred between August 31, 2023, and September 20, 2023, prompting ERMI to secure its systems, involve law enforcement, and conduct an investigation with a cybersecurity firm.

Meta has announced the rollout of end-to-end encryption (E2EE) in its Messenger app for personal calls and one-to-one messages. This update is considered a significant milestone and comes after years of redesigning the platform.

The bugs, discovered by external security researchers and labeled as CVE-2023-48424, CVE-2023-48425, and CVE-2023-6181, pose a risk of supply chain interception, where hackers replace legitimate software updates with malicious versions.

Seoul police have seized the servers and virtual asset exchanges used by Andariel, arrested the person involved in transferring ransomware funds, and advised organizations to strengthen their cybersecurity measures to prevent future attacks.

Battery Ventures and PayPal Ventures are co-leading this round, with participation also from Nationwide Ventures and all its previous backers, including Saban Ventures, Gradient Ventures, MassMutual Ventures, and Headline Ventures.

Atlassian has released software fixes for four critical vulnerabilities (CVE-2022-1471, CVE-2023-22522, CVE-2023-22523, CVE-2023-22524), including a deserialization flaw and remote code execution vulnerabilities in multiple products.