Category: Information Security Buzz

Network-attached storage (NAS) devices have become an integral part of modern digital life. These storage solutions provide a convenient way to store and access data from multiple devices over a local network or the internet. While NAS devices are known…

Read more →

Introduction In today’s hyper-competitive business landscape, staying ahead of the competition and maximizing revenue requires access to accurate, up-to-date information about potential customers and market trends. This is where sales intelligence software comes into play. Sales intelligence software helps sales…

Read more →

Introduction Virtualization technology has revolutionized the way we use and manage computing resources. It allows multiple operating systems and applications to run simultaneously on a single physical server, improving resource utilization, scalability, and flexibility. Hypervisors are at the heart of…

Read more →

1. Accusation at the Heart of British Democracy Background on the Tory Parliamentary Expert A Tory parliamentary expert on China has been accused of spying for Beijing from a position at the very heart of the seat of British democracy…

Read more →

There are only three certainties in life. Death, taxes and cybercriminals attempting to steal information they can flip for money. Verizon’s annual Data Breach Investigation Report analyzed more than 23,000 security incidents that occurred in 2022 alone, demonstrating just how…

Read more →

The front page news about generative artificial intelligence (GAI) taking over software development from poor human developers has waned a bit. But there is no doubt that the technology will continue to transform the software development space over time. With…

Read more →

12th September 2023, London: Integrity360, Europe’s front-runner in cybersecurity insights, has unveiled research that every IT professional should heed. Amidst the myriad of cybersecurity threats that have emerged over the years, a new villain has stolen the spotlight – data…

Read more →

In its 2023 State of API Security Report, security company Traceable reported a sharp increase in API-related data breaches. The report is based on feedback from 1629 cybersecurity experts in over six major industries across the United States, the United Kingdom and…

Read more →

In a recent cybersecurity incident, Janssen Pharmaceutical’s CarePath application experienced a data breach, potentially exposing sensitive personal and medical information of its customers. The breach was linked to the application’s third-party technology service provider, IBM. CarePath, an application owned by…

Read more →

Proofpoint published its second annual Cybersecurity: The 2023 Board Perspective report and found that almost 75% of the board members believe that their organizations face a risk of a major cyberattack in the next 12 months, up from 65% the previous year…

Read more →

In a recent revelation, a zero-day vulnerability in the Atlas VPN Linux client has been exposed, putting users at risk of having their real IP addresses leaked. The flaw was publicly disclosed on Reddit, where details of the vulnerability and…

Read more →

In a startling revelation, the UK’s Electoral Commission has admitted to failing a crucial cybersecurity test around the same time it fell victim to a significant cyber-attack. This breach potentially exposed the data of 40 million voters. Background of the…

Read more →

Virtualization is a powerful technology that allows you to run multiple operating systems on a single physical computer. Whether you’re a developer testing different software configurations, a gamer wanting to run Linux alongside Windows, or a professional needing to isolate…

Read more →

In today’s digital age, our lives are increasingly intertwined with technology. We store important documents, precious memories, financial information, and more in the digital realm. Protecting these digital assets is of paramount importance. Whether you’re concerned about losing valuable data…

Read more →

Cybercriminals are capitalizing on a burgeoning opportunity, akin to a modern-day Gold Rush. With the escalating trend of enterprises migrating their data and applications to cloud environments, the potential for cloud-based cyberattacks continues to expand exponentially.   More cloud usage…

Read more →

The increasing adoption of large language models (LLMs) like ChatGPT and Google Bard has been accompanied by rising cybersecurity threats, particularly prompt injection and data poisoning attacks. The U.K.’s National Cyber Security Centre (NCSC) recently released guidance on addressing these…

Read more →

As the new academic year approaches, school leaders are being cautioned by the National Cyber Security Centre (NCSC) to prepare for potential cyberattacks. The Centre has emphasized the necessity of implementing “appropriate security measures” to safeguard against these threats and…

Read more →

In today’s interconnected world, software has become an integral part of our daily lives. From the apps on our smartphones to the software running on our computers, software applications have a global reach. However, as the world becomes more connected,…

Read more →

Executive Summary Claroty, in its 2023 Global Healthcare Cybersecurity Study, unveils unsettling revelations about the state of cybersecurity within the healthcare sector. This independent, global survey involves 1,100 professionals in various roles such as cybersecurity, engineering, IT, and networking. According…

Read more →

Overview Cybersecurity remains a top concern for organizations, given the growing frequency and sophistication of cyber threats. Google Cloud is taking unprecedented steps to confront these challenges head-on, unveiling innovations that leverage artificial intelligence (AI) for enhanced security. These announcements…

Read more →

Operation Duck Hunt Seizes 52 Servers, Over $8.6 Million in Cryptocurrency In a groundbreaking achievement that marks a significant win for global cybersecurity, the FBI, leading a multinational law enforcement coalition, has dismantled QakBot, a notorious malware loader heavily exploited…

Read more →

Introduction In today’s digital age, data security is paramount, with individuals and businesses alike seeking reliable methods to safeguard their valuable files and information. Two popular options that have gained significant attention are Cloud Backup and Network Attached Storage (NAS)…

Read more →

Introduction In today’s digital age, data security is paramount, with individuals and businesses alike seeking reliable methods to safeguard their valuable files and information. Two popular options that have gained significant attention are Cloud Backup and Network Attached Storage (NAS)…

Read more →

In the rapidly evolving landscape of cloud computing, Microsoft Azure and Amazon Web Services (AWS) stand out as two of the most prominent and widely adopted cloud platforms. As businesses increasingly shift their IT infrastructure to the cloud, understanding the…

Read more →

When it comes to cybersecurity, bad actors never stand still. As a result, neither can today’s security professionals, technology providers and data privacy legislators. Indeed, an attacker now needs just 102 minutes to begin to move laterally once they have compromised a…

Read more →

The idea of removing local admin rights from every single user in your organisation is likely to spark strong reactions. But local admin privileges are like juicy colourful fruit waiting to be picked by threat actors and used to penetrate…

Read more →

In a startling revelation, the personal information of over 2.6 million Duolingo users has been compromised and posted on a hacking forum. The breach has led to the unauthorized scraping of sensitive user data, including usernames, email addresses, and potentially…

Read more →

St Helens Borough Council in Merseyside has fallen victim to a suspected ransomware attack, according to an official statement released on Monday, August 21. The local authority has described the incident as a “complex and evolving situation,” with cybersecurity experts…

Read more →

In a significant incident that has raised alarm within the energy sector, Energy One, a prominent wholesale energy software provider, revealed on Friday, 18 August 2023, that certain corporate systems in Australia and the United Kingdom were affected by a…

Read more →

In a startling revelation, Tesla, the Austin, Texas-based electric carmaker, has confirmed that a data breach in May this year led to the exposure of personal information of over 75,735 individuals. Details of the breach were disclosed on Monday, and…

Read more →

In today’s digital landscape, Software-as-a-Service (SaaS) solutions have become integral to the operations of countless businesses. These cloud-based applications offer convenience, scalability, and accessibility like never before. However, with the increasing reliance on SaaS applications, the need for robust backup…

Read more →

In an era where cybersecurity is paramount, the emergence of Secure Access Service Edge (SASE) has revolutionized network protection. However, as technology advances at an unprecedented pace, the question arises: What lies beyond SASE? This article delves into the evolution…

Read more →

In today’s digital landscape, data is invaluable. As businesses and individuals increasingly rely on cloud computing services like Amazon Web Services (AWS), safeguarding data becomes a top priority. Amazon Elastic Compute Cloud (Amazon EC2) is a widely used cloud computing…

Read more →

In today’s increasingly digitized world, the importance of cybersecurity cannot be overstated. From multinational corporations to small businesses, and even individual users, everyone is vulnerable to the ever-evolving landscape of cyber threats. Managed Service Providers (MSPs) have emerged as crucial…

Read more →

In the digital age, data is the lifeblood of businesses and organizations. Protecting this valuable asset is crucial to ensuring business continuity and safeguarding against unforeseen events. In the realm of databases, one of the essential practices for data protection…

Read more →

In the ever-evolving landscape of technology and information security, individuals who possess a diverse skill set are the driving force behind innovation and resilience. One such individual who stands out in this regard is Alex Tray – a polymath with…

Read more →

In our increasingly interconnected world, the protection of data privacy has become a paramount concern. With the rapid advancement of technology and the widespread use of the internet, personal and sensitive information is more vulnerable than ever before. From financial…

Read more →

Recent incidents highlight a pattern of data breaches in police departments. Two leading police forces in England, Norfolk and Suffolk, have publicly acknowledged mishandling sensitive data. This breach affected 1,230 individuals, including victims, witnesses, and suspects related to cases ranging…

Read more →

New findings by Ivanti, a pioneer in the arena of enhanced and secured tech solutions for flexible working, have sparked serious concerns within the IT sector. The company’s latest “Defending IT Talent Report” discloses that a staggering 25% of IT…

Read more →

Clorox, the household cleaning product titan, disclosed a significant cybersecurity incident this week, which led the company to shut down several of its systems temporarily. The revelation came from a regulatory filing with the U.S. Securities and Exchange Commission (SEC)…

Read more →

The best practices and tips for implementing third-party backup tools, including choosing a reliable tool, determining what to back up and setting up a backup schedule. As more and more organizations rely on cloud-based solutions like Microsoft 365, data protection…

Read more →

A data-driven culture is a mindset, a philosophy that encompasses more than mere data collection. It signifies an entire organization’s shift, where every decision is underpinned by data analytics, evidence, and insights, rather than merely relying on intuition or anecdotal…

Read more →

REST and SOAP APIs are the two most common application protocols that define how to build application programming interfaces (APIs). While they share some similarities, there are critical differences that organizations must understand to secure their REST and SOAP APIs…

Read more →

The Amazon Elastic Compute Cloud, popularly known as EC2, is used to run applications on Amazon Web Services (AWS). The amount of data available since the invention of the Internet has increased a great deal. This has increased the need…

Read more →

Considering the known-known statistics, we seem to encounter a serious security breach at least once a week – and these are only the events which are notified or discovered. In fact, according to the BreachAware Report issued end July 2023,…

Read more →

In a recent shocking revelation, the UK has witnessed its most substantial data breach to date. The **Electoral Commission**, an independent body set up by the UK Parliament, confirmed that “hostile actors” penetrated its protective digital barriers, allowing unauthorized access…

Read more →

The recent cybersecurity breach at the Colorado Department of Higher Education (CDHE) underscores the ever-increasing need for robust digital safeguards, especially in the educational sector. This latest ransomware attack has not only placed CDHE in the spotlight but also impacted…

Read more →

In the digital era, even the world of sports isn’t immune to cybersecurity threats. A recent study titled “State of Play” conducted by Microsoft shed light on the amplified risks at major sporting events, highlighting a fertile ground for cybercriminals…

Read more →

In a rapidly digitalizing world, cyber threats continue to evolve, and recent disclosures from Microsoft have reinforced this concern. Microsoft Teams, a widely-used collaboration tool, has been targeted in a sophisticated phishing campaign by a hacker group with ties to…

Read more →

In today’s rapidly evolving digital landscape, organizations face an ever-increasing number of cybersecurity threats. Among these, insider threats are among the most challenging and potentially damaging. Insider threats are the intentional or unintentional misuse of an organization’s assets, systems, or…

Read more →

Social media marketing (SMM) has emerged as a useful tool for businesses to connect with their target audience, establish brand recognition, and generate conversions in the highly competitive landscape. However, social media platforms continue to implement sophisticated security measures to…

Read more →

As technology advances, cybercrime continues to evolve and mature. Fortunately, the market for cyber security solutions is changing. Perpetrators are constantly using new tactics to gain access to systems and improving as well to try and keep ahead of the…

Read more →

In the ever-evolving landscape of cybersecurity threats, a new technique involving Google’s Accelerated Mobile Pages (AMP) is being increasingly used by cybercriminals for phishing attacks. As a widely respected and trusted platform, Google AMP has now unfortunately become a tool…

Read more →

Everlast, the renowned American boxing equipment brand, recently fell victim to a brazen cyberattack orchestrated by a cybergang associated with the world’s biggest online bank heist. The attackers infiltrated Everlast’s online shop, discreetly capturing credit card data during the checkout…

Read more →

Tempur Sealy, the global leader in bedding products, faces a severe cybersecurity crisis as a malicious cyberattack forces the company to take immediate action. The cyber intrusion commenced on July 23 and has significantly impacted Tempur Sealy’s operations, leading the…

Read more →

Moving to the cloud often means lower costs, 24/7 access, and higher security. But higher security doesn’t mean guaranteed. It takes two to make cloud security work: the cloud service provider, and you—the user. While a reputable cloud service provider…

Read more →

New SEC Rules for Cyber Attack Disclosure The U.S. Securities and Exchange Commission (SEC) has approved new rules that mandate publicly traded companies to disclose details of a cyber attack within four days of identifying a “material” impact on their…

Read more →

New API Rules Unveiled In a bid to enhance user privacy, Apple has unveiled a significant modification to its App Store API regulations. From fall 2023 onwards, developers will be mandated to justify their utilization of certain APIs capable of…

Read more →

SEC Mandates Cyber Attack Disclosure Within Four Days: A Major Shift in Cybersecurity Transparency The U.S. Securities and Exchange Commission (SEC) has approved new rules that mandate publicly traded companies to disclose details of a cyber attack within four days…

Read more →

There are now more identities than ever, thanks to shifts to the cloud and other emerging technologies and trends. For one thing, with more people now working remotely or in a hybrid model, there’s been a major shift to the…

Read more →

Data regulations are likely top of mind for any business leader, with the new EU Data Act being the latest in a long list that will be leading businesses to take stock of how they manage and secure sensitive consumer…

Read more →

Data breaches can be incredibly costly. Be it lawsuits, regulatory fines, or a fall in stock price, the financial consequences of a breach can bring even the largest organization to its knees. However, in the face of economic damage, it’s…

Read more →

Security researchers from Midnight Blue, a Netherlands-based security firm, have discovered five vulnerabilities in the Terrestrial Trunked Radio (TETRA) communication systems. These systems are extensively used by government agencies, law enforcement, and emergency services organizations across Europe, the United Kingdom,…

Read more →

The IBM Cost of a Data Breach Report 2023 serves as a critical resource for understanding the financial implications of data breaches. This article aims to spotlight the key findings from the report, providing valuable insights for business leaders. The…

Read more →

In the rapidly evolving cybersecurity landscape, the concept of Zero Trust has emerged as a critical framework for enhancing security infrastructure. A recent survey conducted by PlainID, the Authorisation Company™, provides valuable insights into the implementation of Zero Trust programmes.…

Read more →

In a bid to bolster the security of digital products like smart TVs, home cameras, connected toys, and smart fridges before they hit the market, representatives from EU member states have agreed on a shared position regarding the proposed Cyber…

Read more →

Ah, summer vacation. Something we almost all look forward to each year – a time to relax and reset. It’s a time for employees to take a much-deserved break from work and recharge their batteries. It’s also a time for…

Read more →

Whilst the conceptual and academic discussions around dangerous forms of code have been on the agenda for many decades past, it was in 1983 when the young student Fred Cohen (who I think of as a distant friend) created the…

Read more →

One of the most pressing concerns in the digital age is the abundance of cyber threats from all directions, with a large number of those threats coming from email. Users must be aware of what threats exist, how to detect…

Read more →

Executive Summary In today’s complex and volatile business environment, Enterprise Risk Management (ERM) has become a strategic imperative. This article provides a comprehensive guide to aligning risk appetite, tolerance, and thresholds with strategic, operational, and tactical business planning activities. It…

Read more →

In the digital age, data is one of the most valuable assets a company can possess. However, with the increasing value of data comes the increasing risk of data loss, breaches, and non-compliance with data protection regulations. This is where…

Read more →

The humble password. A pillar of society and a cybersecurity comfort blanket for end users (and IT teams) across different applications and programmes across the globe. Humanity has been using passwords in one form or another for centuries. However, the first…

Read more →

It’s no secret that penetration testing is among the most effective methodologies for helping determine an organization’s risk posture. While it’s true that other standard processes like gap assessments, auditing, architecture reviews, and vulnerability management all offer significant value, there’s…

Read more →

Historically, the financial services sector has been the most attacked by cybercriminals. Still, in 2021 there was a substantial shift, and a different industry ranked at the top for the first time – the manufacturing industry. For the second year…

Read more →

In the realm of data loss prevention (DLP) solutions, Forcepoint DLP has solidified itself as a market-leading choice, recognized for its comprehensive coverage, robust feature set, and user-friendly interface. This review delves into the strengths and potential shortcomings of this…

Read more →

In a bid to protect its users, Apple has rolled out an important update, iOS 16.5.1, along with macOS 13.4.1, which patches two critical security flaws that have been actively exploited. The company has taken immediate action to remediate these…

Read more →

In the first quarter of 2023, the Trellix Advanced Research Center (ARC) has unveiled a comprehensive CyberThreat Report, delivering crucial insights into the evolving global threat landscape. The study meticulously analyses the key challenges faced by CISOs and SecOps teams,…

Read more →

In the vast and evolving world of cybersecurity, where cryptic jargon and a vast array of certifications can sometimes seem daunting, it is vital to recognize that the pathway to success lies not merely in the accumulation of theoretical knowledge…

Read more →

Introduction: In today’s interconnected world, the threat of cyber attacks is a constant concern for organizations across all industries. While the term “cybersecurity” is widely debated, the concept of cyber resilience offers a more comprehensive approach to mitigating risks. Cyber…

Read more →

Today’s evolving interconnected digital world has created a diverse and intricate threat landscape for organizations. Within this landscape, insider and outsider threats have emerged as significant security risks organizations must address. While the debate regarding the severity of insider versus…

Read more →

Introduction Data security is a top priority for businesses worldwide. As the volume and value of data continue to grow, the need to protect sensitive information from unauthorized access, disclosure, and data breaches has become vital. Organizations must implement effective…

Read more →

A hacking forum has exposed a database containing the personal data of over 8.8 million users of Zacks Investment Research, surpassing the company’s initial data breach reported in January 2023. The database, as confirmed by data breach notification service Have…

Read more →

Description: Fortinet has urgently issued security updates to remediate a critical vulnerability in its SSL VPN product. The vulnerability, identified as CVE-2023-27997, enables attackers to execute arbitrary code on susceptible systems. This vulnerability originates from the way Fortinet SSL VPN…

Read more →

The Verizon 2023 Data Breach Investigations Report (DBIR) presents a comprehensive analysis of global data breaches, offering valuable insights into the contemporary state of cybersecurity threats. In this analysis, we will delve into key findings from the report, including the…

Read more →

Summary: Both British Airways and Boots have recently fallen victim to data breaches, resulting in millions of customers’ personal information being compromised. Hackers accessed the personal information of 380,000 British Airways customers and 90,000 Boots customers, including sensitive data such…

Read more →

Inspired e-Learning’s  new cybersecurity awareness training game, Phishin’ Impossible, takes a novel approach in teaching employees about cyber threats. Players assume the role of a white hat hacker tasked with crafting convincing scam emails to fool unsuspecting staff. Players learn…

Read more →

Our recent Threat Report showed that while, on the whole, overall threat detections fell by 13.2%, there was one category that thrived: Android. The category registered a remarkable growth of 57% in detections, driven by a 163% increase in Adware…

Read more →

Meta Faces Hefty €1.2bn Fine For GDPR Breach In EU-US Data Transfers Meta was fined €1.2bn for transmitting consumer data to the US. Ireland’s Data Protection Commission (DPC) punished Facebook for EU data protection violations on Monday. It said Dublin-based…

Read more →

After days of doubt, and despite official claims of a “cyber incident,” the BlackByte ransomware gang has claimed credit for the computer attack on the City of Augusta. BlackByte, notorious for attacking the US government and financial institutions as well…

Read more →

Security specialists have detected a new type of malware, named “CosmicEnergy,” that possesses the potential to wreak havoc on key infrastructure systems and electricity networks. The researchers from Mandiant discovered the malware, which they claim has capabilities similar to the…

Read more →

Apria Healthcare, a manufacturer of medical equipment for the home, is sending out breach notifications to roughly two million people whose information may have been stolen in data breaches in 2019 and 2021. Close to two million people in the…

Read more →

According to Microsoft and the “Five Eyes” governments, an invisible Chinese hackers infiltrated and remained undetected in critical infrastructure organizations in the United States and Guam for years. Under the codename Volt Typhoon, the tech giant’s threat intelligence team is…

Read more →

The perpetrators behind the budding Buhti ransomware have abandoned their own payload in favor of exploiting vulnerabilities in Windows and Linux using the exposed LockBit and Babuk ransomware families. The cybersecurity firm knows them as Blacktail and is following them.…

Read more →

Barracuda, a provider of email and network security solutions, issued a warning to its customers today that a zero-day vulnerability had been exploited to compromise some of their Email Security Gateway (ESG) equipment last week. The email attachment scanning module…

Read more →

Based on a research by Tel Aviv-based cybersecurity firm ClearSky, several Israeli shipping and logistics websites were hacked to collect customer data. The business has “low confidence” that the Iranian hackers outfit Tortoiseshell (also known as TA456 and Imperial Kitten)…

Read more →

Back in March, Microsoft released data suggesting that Russian hacker groups were appearing to be preparing for a renewed wave of cyber-attacks against Ukraine, including a ransomware-style threat to organisations serving Ukraine’s supply lines. At the time, Clint Watts, General…

Read more →

GoldenJackal is a new advanced persistent threat actor that targets government and diplomatic organizations in the Middle East and South Asia. Kaspersky Labs, a Russian cybersecurity company, has been monitoring the group’s actions since the middle of 2020 and has…

Read more →

Many small businesses believe they are immune to cyberattacks because of their presumed lack of valuable information (such as customer data or computing resources), but this is far from the truth. The allure of a small business to cybercriminals lies…

Read more →

Picture this: you are a developer working tirelessly to streamline your workflows and keep up with the ever-increasing demands of your organization. But what if the AI and automation tools you rely on to make your job easier could be…

Read more →

Earlier yesterday, the stock market took a small fall due to highly realistic AI-generated visuals going popular on Twitter suggesting an explosion near the Pentagon. Many verified Twitter accounts, including a Russian state media account with millions of followers and…

Read more →