Category: Information Security Buzz

Securing Health Data in 2025: The Rising Cybersecurity Challenges

Since 1996, the Health Insurance Portability and Accountability Act (HIPAA) has been the cornerstone of patient privacy. The act established standards for how healthcare organizations handle and share patient data, creating a framework for ensuring confidentiality. But the healthcare landscape…

Sneaky 2FA Kit Exposes Vulnerabilities in 2FA Security

Cybersecurity researchers from Sekoia have discovered a new Adversary-in-the-Middle (AiTM) phishing kit named “Sneaky 2FA,” targeting Microsoft 365 accounts. First discovered in December last year, this phishing kit has been active since at least October 2024 and is distributed as…

Critical Infrastructure Embraces CISA CyHy Service

Critical infrastructure organization enrollment in CISA’s Cyber Hygiene (CyHy) service surged 201% between 1 August 2022 and 31 August 2024, a new report released by the US cybersecurity agency has revealed. The CISA CyHy service is a suite of free…

UK Government Seeking to ‘Turbocharge’ Growth Through AI

Earlier this week, UK Prime Minister Keir Starmer released a statement and made a subsequent speech unveiling and endorsing his government’s AI Opportunities Action Plan (AOAP). He declared artificial intelligence (AI) to be “the defining opportunity of our generation,” foreshadowing…

AWS S3 Buckets Under Siege: New Ransomware Exploits SSE-C

Research from the Halcyon RISE Team has revealed that a ransomware actor dubbed “Codefinger” has launched a new campaign on Amazon S3 buckets, leveraging AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) to encrypt data and render victims powerless to…

The Looming Crisis: Meta, Misinformation, and Public Trust

Meta’s jaw-dropping announcement that it is ending its third-party fact-checking program is likely to trigger increased activity from fake accounts and troll farms, which specialize in disseminating intentional falsehoods. The social media giant’s decision to end its fact-checking initiatives raises…

US Tightens AI Export Controls to Curb Adversarial Misuse

In a move to cement the US’s position as a global leader in artificial intelligence (AI), the Biden-Harris Administration has unveiled an Interim Final Rule on AI Diffusion. The policy hopes to improve national security and economic strength while ensuring…

NFL Giants Green Bay Have Their Online Defense Breached

Whilst the four-time Super Bowl champions, the Green Bay Packers, have rightly been drawing praise this season for their on-field defensive performances, the organization’s online defense has been called into question following the disclosure of a significant data breach affecting thousands of…

VIPRE Security Shares Cybersecurity Trends for 2025

Last year saw increasingly sophisticated cybersecurity threats as malicious actors leveraged all forms of AI to create difficult-to-detect phishing attacks, deepfakes, and ransomware incidents. To counter these, organizations adopted AI-driven security solutions, including threat detection, automated incident response, and intelligent vulnerability…

Almost 8500 People Affected by Casio Data Leak

Casio has said nearly 8500 people were affected by a ransomware attack that compromised its servers on 5 October last year. The attack led to data leaks, including internal documents and personal information, but no credit card information was included…

When is a RAT, not a RAT?

Have you heard the story about the RAT that pretended to be a RAT? If not, you’d better sit down for this one. There’s a RAT in my kitchen: Last month, a malicious package, ethereumvulncontracthandler, was identified on the npm…

High-Severity Vulnerability Discovered in Nuclei: What You Need to Know

An engineering team from Wiz has discovered a critical vulnerability in Nuclei, a popular open-source security tool developed by ProjectDiscovery. The vulnerability, assigned CVE-2024-43405, enables malicious actors to bypass the tool’s signature verification process, potentially enabling arbitrary code execution.…

Diving into Azure Lateral Movement with Pass-the-PRT

One of the most concerning attack methods I’ve come across recently is ‘Pass-the-PRT.’ It’s not the most likely of cyberattacks, but if successful – your organization’s security is in trouble. And that’s precisely what makes it dangerous—it leverages legitimate authentication…

2024 Year in Review (Part 2)

July: AT&T announced (in a financial filing) the discovery of a data breach dating back to 2023 that affects almost every AT&T customer. “The stolen data also includes call records of customers with phone service from other cell carriers that…

2024 Year in Review (Part 1)

As 2023 came to a close, it was easy to predict that breaches would continue to dominate the cybersecurity news. However, the scale of the events, specifically the Change Healthcare breach, eclipsed all others for the year. The other event…

CISA and EPA Warn Water Facilities to Secure Exposed HMIs

The US government is imploring water and wastewater organizations to secure internet-exposed human-machine interfaces (HMIs) that provide access to industrial machines against cyberattacks. Unauthorized access to these HMIs can allow malicious actors to view sensitive information and disrupt operations. HMIs…

Nine Updated Security Measures for the Modern Smart Home

Modern smart homes offer unparalleled convenience, but there’s a catch. Security vulnerabilities can leave you open to cyberattacks, letting criminals “see” far more than they could glimpse through your window curtains—like your bank account number. Taking the following nine measures…

Cybersecurity in 2025 – A New Era of Complexity

As the world steps into 2025, the cybersecurity landscape is set to evolve at an unprecedented pace, driven by the convergence of emerging technologies, sophisticated threats, and tightening regulations. The fourth edition of this report delves into the critical trends…

It’s Beginning to look a lot like Grinch bots

Almost three-quarters (71%) of UK consumers believe that nefariously named ‘Grinch bots’ are ruining Christmas by acquiring all the best presents. This was one of the findings of new research from Imperva, a Thales company. Grinch bots are automated programs…

SpartanWarriorz Phish Kits: Uncovered

Cybercriminals are using phish kits developed by authoring group SpartanWarriorz to target over 300 global brands, new research from Fortra has revealed. Attackers using the kits tend to target financial institutions in North America and Europe, retail, delivery services, and…

Glazed and Confused: Krispy Kreme Battles Cyberattack

Doughnut giant Krispy Kreme has disclosed a cyberattack that happened on 29 November and has led to significant operational disruptions, particularly affecting its online ordering system in parts of the United States. The doughnut chain disclosed the cyberattack in an 8-K…

Phishers Nabbed in International Sting

In a major international crackdown, Belgian and Dutch authorities, supported by Europol and Eurojust, have dismantled a phone phishing gang responsible for large-scale financial fraud across Europe. The operation resulted in eight arrests and significant seizures. Action Day Results: Law…

50% of M&A Security Issues are Non-Malicious

More than half of M&A security incidents in 2024 were non-malicious, resulting instead from integration-induced investigation delays, policy and compliance challenges, and issues baselining internal tools, a report from ReliaQuest has revealed. These findings suggest that inherited assets present a…

Brand Impersonations Surge 2000% During Black Friday

Phishing scams impersonating major holiday brands like Walmart, Target, and BestBuy increased by more than 2000% during Black Friday week, new research from Darktrace has revealed. These findings come as part of a wider increase in phishing activity during the…

Data Governance and the Mandate for Tougher Security in 2025

The challenges around data governance are evolving rapidly, driven by the rapid adoption of generative AI, stringent regulatory requirements, and heightened cybersecurity risks. As we approach 2025, organisations are realising that traditional approaches to data governance are no longer sufficient.…

Developing Responsible AI in 2025: The Path to Trust and Compliance

Artificial intelligence (AI) is transforming industries at an unprecedented pace, offering solutions to some of the world’s most complex challenges. But with its immense potential come significant risks—bias, discrimination, data privacy breaches, and security vulnerabilities. Governments worldwide have enacted AI…

Avoiding cyber complacency as a small business

As a small business owner reading endless news stories about cyberattacks against well-known enterprise names, it can be easy to think it won’t happen to you. In reality, hackers don’t discriminate: businesses of all sizes can and do find themselves…

Critical Vulnerabilities Found in Veeam Service Provider Console

Two critical vulnerabilities (CVE-2024-42448 and CVE-2024-42449) have been identified in Veeam Service Provider Console (VSPC), prompting an urgent call for users to update their systems. According to Veeam’s latest security advisory, the vulnerabilities affect all builds of VSPC versions 7…

SmokeLoader Malware Targets Companies in Taiwan

A sophisticated cyberattack using the SmokeLoader malware targeted multiple industries in Taiwan in September 2024, new research from FortiGuard Labs has revealed. SmokeLoader is notorious for its versatility, advanced evasion techniques, and modular design, which allow it to perform a…

Anticipating Change: Key Cybersecurity Trends to Watch in 2025

Thanks to the fantastic response we received, we’re excited to continue our exploration of the evolving cybersecurity landscape. As we approach 2025, the challenges and threats facing businesses, governments, and individuals are becoming increasingly complex. Following our initial insights, we…

As Device Dependency Grows, So Do the Risks

It’s no stretch to say connected devices are taking over the world. In every sector and country, endpoints are driving newfound efficiencies inside the smart home, office, and warehouse. These devices – from sensors to smart meters and industrial controllers…

SpyLoan Apps: The New Face of Financial Exploitation

The McAfee mobile research team has identified a significant global rise in predatory loan applications, commonly referred to as SpyLoan apps, which primarily target Android users. These applications, classified as potentially unwanted programs (PUP), utilize social engineering tactics to manipulate users…

Godot Gaming Engine Exploited to Spread Undetectable Malware

Check Point Research has discovered that cybercriminals are exploiting the popular Godot Engine to spread malware, bypassing detection by nearly all antivirus solutions. The new technique uses Godot’s scripting language, GDScript, to deliver malicious payloads through a loader dubbed “GodLoader,”…

Shop Smart, Stay Safe: Black Friday Edition

As Black Friday approaches, shoppers eagerly hunt for bargains online, but so do malicious actors. Cyber criminals are like pickpockets: they go where the crowds are, so this high-traffic shopping season presents a smorgasbord of opportunities for malefactors to exploit…

Phishing Attacks Dominate Threat Landscape in Q3 2024

Spearphishing attacks with links and attachments increased in Q3 2024, accounting for 46% of security incidents, ReliaQuest’s Top Cyber Attacker Techniques report has revealed. Initial access methods like spear phishing were the most common MITRE ATT&CK techniques last quarter and have…

How to Back Up Proxmox Data with NAKIVO Backup & Replication

Proxmox Virtual Environment (VE) is a Debian Linux-based virtualization management platform with a customized kernel. Proxmox fully integrates the KVM hypervisor to enable deployment and efficient management of VMs using a user-friendly GUI. This is a free, open-source solution that…

What is CMMC 2.0? And Why is Compliance Crucial?

In an era of increasingly sophisticated cyber threats, the U.S. Department of Defense (DoD) has introduced the Cybersecurity Maturity Model Certification 2.0 (CMMC 2.0) to bolster the cybersecurity posture of its Defense Industrial Base (DIB). This updated framework aims to…

Growing Matrix Botnet Poses Escalating Global Threat

The Matrix botnet is expanding at an alarming rate, with nearly 35 million devices currently vulnerable to compromise. Researchers from Aqua Nautilus, who uncovered the threat, warn that even a fraction of these devices falling into the botnet’s control could…

VPN Vulnerabilities Drive Nearly 30% of Q3 Ransomware Attacks

Attackers leveraging vulnerabilities in Virtual Private Networks (VPNs) and exploiting weak passwords accounted for 28.7% of ransomware incidents in Q3 2024, according to Corvus Insurance’s latest Cyber Threat Report. Common credentials like “admin” and a lack of multi-factor authentication (MFA)…

Expert Cybersecurity Predictions for 2025: What Lies Ahead?

As the digital landscape evolves, so do the threats and challenges defining cybersecurity. With 2025 around the corner, ISB reached out to several experts to forecast transformative shifts in how businesses, governments, and individuals protect themselves against increasingly sophisticated cyberattacks.…

Ten Security and Privacy Compliance Requirements for All

The regulatory landscape for data privacy and cybersecurity continues to evolve, presenting significant challenges for organisations worldwide. Key developments include the proliferation of global data privacy laws, the emergence of AI-focused regulations, the implementation of the Cybersecurity Maturity Model Certification…

Malware Turns Trusted Avast Driver Into a Weapon

In a chilling discovery, Trellix Advanced Research Center has uncovered a malicious campaign that turns trusted security tools into instruments of attack. The malware manipulates Avast’s Anti-Rootkit driver (aswArPot.sys) to gain deep system access, disable protective measures, and take full…

Australia Introduces Bill to Ban Kids from Social Media

The Australian Government has unveiled world-first legislation setting a minimum age of 16 for social media use, aiming to bolster online safety for young Australians. The Online Safety Amendment (Social Media Minimum Age) Bill 2024, introduced today, seeks to protect…

Unmasking WolfsBane: Gelsemium’s New Linux Weapon

ESET researchers have uncovered WolfsBane, a Linux cyberespionage backdoor attributed with high confidence to the Gelsemium advanced persistent threat (APT) group. This discovery is a major development, as it is the first public report of Gelsemium deploying Linux malware. The…

Avoiding Common API Security Mistakes

Application Programming Interfaces (APIs) have become the backbone of modern software development, enabling seamless communication between different systems. However, with this increased reliance on APIs comes a heightened need for robust security measures. Read on to explore the critical importance…

Attackers Hijack Misconfigured Servers for Live Sports Streaming

In a surprising discovery, Aqua Nautilus researchers have identified an emerging attack vector that leverages misconfigured servers to hijack resources for streaming sports events. Using honeypots designed to mimic real-world development environments, researchers uncovered how attackers exploited JupyterLab and Jupyter…

5 Questions CISOs Should Be Asking Regarding DSPM

The Data Security Posture Management (DSPM) market is on a meteoric rise, and CISOs are taking note. Gartner predicts that by 2026, one in five organizations will have invested in the technology (up from only 1% in 2022). But in…

Microsoft Vulnerability Poses Risk to Domain Control

A recently disclosed flaw in Microsoft Active Directory Certificate Services (ADCS), identified as CVE-2024-49019, could allow attackers to escalate privileges and gain control of a domain. The vulnerability, rated with a CVSS score of 7.8, is classified as an elevation-of-privilege…