Sunday, December 15, 2024

Cybersecurity News Headlines Trending on Google

Surge in Passkey Security Adoption in 2024

Tech giants such as Google, Amazon, Microsoft, and Facebook are leading the charge in moving away from traditional passwords, embracing passkey security technology. As of 2024, passkey adoption has seen a significant increase. According to a recent survey by the FIDO Alliance, more than 15 billion online accounts now utilize passkey technology to secure user data against sophisticated cyberattacks. Google alone has seen its passkey adoption reach 800 mil-lion users this year, resulting in over 2.5 billion sign-ins in the past two years. Consumer awareness has been a major driver of this shift, with companies like Google and Apple actively promoting passkey solutions over the past eight months. Industry experts predict that this trend will accelerate further in 2025, potentially doubling adoption rates in the coming year.

Long-Lived Credentials Pose a Growing Risk to Cloud Companies

Long-lived credentials—those created by system administrators and left unchanged for extend-ed periods—are emerging as a serious security threat for cloud service providers. According to Datadog’s State of Cloud Security 2024 report, these credentials, if compromised, could lead to significant breaches in major cloud platforms like AWS, Microsoft Azure, and Google Cloud. Experts are urging CIOs and CTOs to implement policies for the regular rotation and management of such credentials to prevent misuse. The failure to address this vulnerability could result in major security incidents affecting cloud-based services.

Mastercard Introduces Biometric Payment Passkey Service in Latin America

Mastercard has unveiled its new biometric Payment Passkey Service in Latin America, allowing users to authenticate online transactions using biometric data, such as fingerprints or facial recognition (ERIS). In partnership with Sympla and Yuno, Mastercard aims to streamline the payment process, eliminating the need for traditional passwords. This launch is part of the company’s broader goal to phase out password requirements entirely by 2030, providing a more secure and user-friendly alternative for digital payments.

Iran-Linked IOCONTROL Malware Targets US and Israeli Critical Infrastructure

A new cyber threat is emerging in the form of a custom malware known as IOCONTROL, allegedly developed by Iranian cyber operatives. According to research by Claroty’s Team82, the malware has been implanted into the operational technology (OT) of critical infrastructure in North America and Israel. The targets so far include water utilities and power plants, where the malware provides hackers with the ability to conduct surveillance and potentially disrupt operations. The cyberattack is attributed to an Iranian hacking group named CyberAv3ngers, which is reportedly expanding its efforts to infiltrate gas stations in the affected regions.

Massive Data Breach at California Hospital Network

PIH Health, a major healthcare provider in California, confirmed that hackers gained access to sensitive patient data after a ransomware attack on December 1st, 2024 and since then its webside is still disrupted. The breach affected over 17 million patient records across three hospitals—Downey Hospital, Good Samaritan Hospital, and Whittier Hospital. The attack caused significant disruption, including the postponement of surgeries and rerouting of ambulances to other hospitals. While PIH Health has not yet verified the full extent of the stolen data, sources on Telegram suggest that a portion of the information is already being sold on the dark web.

MCX Engages EY to Investigate Ransomware Attack

MCX, a U.S.-based foreign exchange brokerage firm, has enlisted the services of EY (Ernst & Young) to investigate a ransomware attack that compromised its systems on December 9th, 2024. The attack, attributed to a hacking group specializing in ransomware, caused significant disruption to MCX’s operations. The company has confirmed that specialists from EY are conducting a thorough investigation to mitigate any potential risks and secure its infrastructure moving forward.

The post Cybersecurity News Headlines Trending on Google appeared first on Cybersecurity Insiders.


December 16, 2024 at 11:30AM

0 comments:

Post a Comment