Tag: Information Security Buzz

FCC Chairman Brendan Carr has announced the creation of a new Council on National Security within the agency, which he says aims at strengthening US defenses against foreign technology threats — particularly those from China.  According to the FCC, the…

Read more →

As APIs become more integral to both everyday digital services and complex AI systems, concerns over their security are growing — and not without good reason. APIs are the connective tissue of modern software, but without strong governance, they can…

Read more →

The latest threat landscape report from ReliaQuest has unearthed some concerning findings regarding the critical threats faced by the hospitality and recreation sector. These include identifying a 43% increase in ransomware attacks, the discovery that 44% of phishing emails contained…

Read more →

Over 23,000 organizations may be at risk following a supply chain attack affecting tj-actions/changed-files GitHub Action, say researchers at StepSecurity.    GitHub Actions is a CI/CD service that allows developers to automate software builds and testing. Workflows run in response to…

Read more →

A major security flaw has been found in RSA encryption keys used across the internet. Researchers discovered that about one in 172 online certificates are at risk due to a mathematical weakness.  The issue mainly affects Internet of Things (IoT)…

Read more →

In 2024, vulnerability disclosures hit an all-time high, with over 30,000 vulnerabilities recorded in the National Vulnerability Database (NVD). Unfortunately, we can expect these numbers to continue rising as the use of open source, GenAI, and software overall is ever-growing.…

Read more →

In a recent investigation, Tenable researchers explored how DeepSeek, a large language model (LLM) built by a Chinese company, can be exploited to generate malware, including keyloggers and ransomware, despite its initial refusal to engage in harmful activities.  Unlike popular…

Read more →

Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that targets Xcode projects. The malware was found in the wild during routine threat hunting and is the first known XCSSET variant to surface since…

Read more →

Industrial cybersecurity firm Dragos has revealed that a small electric and water utility in Massachusetts was breached by a sophisticated Chinese Advanced Persistent Threat (APT) group for over 300 days.  The attack targeted Littleton Electric Light and Water Departments (LELWD),…

Read more →

OpenAI has officially called on US lawmakers to exempt it from complying with state-level AI regulations, instead urging a unified approach under federal AI rules. It argues that a consistent, nationwide framework is critical to maintain US leadership in AI…

Read more →

The NHS is investigating claims made by a whistleblower regarding a security flaw at Medefer, an online healthcare provider working with the NHS. The whistleblower alleged that a flaw in the company’s application programming interface (API) exposed NHS patient data.…

Read more →

Google’s Threat Analysis Group (TAG) and Mandiant have uncovered a sophisticated espionage campaign linked to China-nexus threat actors, targeting vulnerable Juniper routers used in enterprise and government networks worldwide. This discovery highlights the ongoing risks posed by state-sponsored attacks against…

Read more →

In a joint advisory, US federal agencies have issued a cybersecurity warning about a sharp increase in attacks by Medusa ransomware, urging business leaders and IT teams to act immediately to protect their organizations.  The Federal Bureau of Investigation (FBI),…

Read more →

Kansas-based Sunflower Medical Group disclosed to authorities on 7th March that they had suffered a data breach compromising the personal and confidential information of 220,968 individuals.  In a statement on their website entitled ‘Notice of a Data Security Incident,’ Sunflower provided…

Read more →

Last month, employees at the UK-based engineering firm, Arup, were tricked by a deepfake video of the company’s CFO into transferring $25 million to cybercriminals. This isn’t an anomaly. It’s further proof that social engineering has become cybersecurity’s most costly…

Read more →

New research has revealed that although 86% of employees believe they can confidently identify phishing emails, nearly half have fallen for scams.   The study, conducted by KnowBe4, surveyed professionals in the UK, USA, Germany, France, Netherlands, and South Africa and…

Read more →

The House of Representatives has passed a bill that mandates contractors working with the federal government implement vulnerability disclosure policies (VDPs) in alignment with NIST guidelines.    The Federal Contractor Cybersecurity Vulnerability Reduction Act of 2025, introduced by Chairwoman Nancy Mace…

Read more →

Elon Musk confirmed yesterday that social media platform X was hit by a “massive cyberattack” affecting users since Monday, causing issues like the inability to view posts or profiles properly. “There was (still is) a massive cyberattack against ,” he…

Read more →

A phishing email pretending to be from Binance, offering people the chance to claim newly created TRUMP coins, has turned out to be a phishing lure.   Cofense is warning that if victims follow the email’s instructions and download what is…

Read more →

YouTube was forced to release a statement last week warning users that fraudulent artificial intelligence (AI)- generated videos depicting their CEO Neal Mohan announcing changes in monetization were in circulation. The deepfake videos were sent out as private videos to…

Read more →

As the goal posts of what it means to be (and remain) ‘cyber secure’ constantly change, one thing stays constant: all organizations are viable targets for cybercriminals. It doesn’t matter whether you’re a large enterprise business, startup, or a government…

Read more →

2025 is set to be a massive year for MSPs, the latest MSP Horizons 2025 Report from N-able suggests. Fuelled by robust cybersecurity investments, AI-driven automation, and a surge in M&A activity, the industry is poised for significant growth, with…

Read more →

For their Breaking Digital Trust Report, researchers from Keyfactor analyzed 500,000 digital certificates to identify common certificate defects that could impact organizational security and determine the scale of the issue. They discovered that 91,239 of the 504,736 certificates, a concerning…

Read more →

Phishing and social engineering attacks are exploding as threat actors increasingly discover that humans are the most exploitable entry point in organizations. Unfortunately, 70% of organizations still report that their employees lack critical cybersecurity knowledge, even when many have a…

Read more →

A global effort led by Fortra, Microsoft’s Digital Crimes Unit (DCU), and the Health Information Sharing and Analysis Center (ISAC) has reduced access to weaponized versions of the powerful hacking tool Cobalt Strike by 80%.  Dramatic Reduction in Dwell Time …

Read more →

Did you know that your smart washing machine could be hacked, leading to the theft of your data?  It’s surprising, but this viral story on Twitter will make you rethink smart technology. Smart washing machines are known to consume no…

Read more →

Since 2020, the push for consolidating cybersecurity solutions has gained significant momentum. In 2021, Gartner highlighted vendor consolidation as one of the top security and risk trends. Their article, The Top 8 Security and Risk Trends We’re Watching, revealed that 75%…

Read more →

Following the conclusion of some of their matches this season, as with any other season, the sentiment among Leeds United football supporters that they have “been robbed” can be heard reverberating around the ground, on the terraces, and in the…

Read more →

Broadcom has issued a security alert warning VMware customers about three zero-day vulnerabilities attackers are actively exploiting in the wild. The flaws – CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226 – impact VMware ESX products, including VMware ESXi, vSphere, Workstation, Fusion, Cloud Foundation,…

Read more →

Microsoft Threat Intelligence has warned of a shift in tactics by Silk Typhoon, a Chinese espionage group that is now exploiting vulnerabilities in common IT solutions—including remote management tools and cloud applications—to gain initial access to target entities.   The software…

Read more →

Researchers from Socket have identified an ongoing campaign involving at least seven typosquatted Go packages. These packages impersonate well-known Go libraries and are designed to deploy loader malware on Linux and macOS systems.   Typosquatted packages are malicious software components designed…

Read more →

Cybercriminals are more sophisticated than ever, a new report from CrowdStrike reveals. Breakout times are falling, social engineering is becoming more common and effective, and cyber espionage – particularly that originating in China – is growing increasingly aggressive.   “Our latest…

Read more →

Admins are in a tough position right now. Enterprise ecosystems are expanding, role responsibilities are growing, and hackers are getting smarter. Rather than viewing AI as another potential vulnerability, Hexnode CEO Apu Pavithran argues that admins must embrace it as…

Read more →

A major Microsoft outage on 1 March left tens of thousands unable to access key services like Outlook, Teams, and Office 365 for over three hours. Microsoft has not fully explained the cause but blamed a “problematic code change.”  Timeline…

Read more →

Google has issued an urgent security alert addressing two critical Android vulnerabilities, CVE-2024-43093 and CVE-2024-50302, which are actively being exploited in coordinated attacks targeting devices running Android versions 12 through 15.   The vulnerabilities, patched in the March 2025 Android Security…

Read more →

A new cyber espionage campaign has been uncovered targeting a select group of entities in the United Arab Emirates (UAE), focusing on aviation, satellite communications, and critical transportation infrastructure.   The attack, identified by Proofpoint researchers, used advanced obfuscation techniques and…

Read more →

AI-driven automation and real-time transaction monitoring are the top priorities for organizations seeking to combat fraud, the 2025 Digital Fraud Outlook report published by SEON has revealed. Fraud Budgets Grow, But ROI is Complicated According to the report, 85% of…

Read more →

The Splunk Threat Research Team has uncovered a widespread cyber campaign targeting Internet Service Provider (ISP) infrastructure providers on the West Coast of the United States and in China. Over 4,000 ISP-related IPs were explicitly targeted in this campaign.  The…

Read more →

JFrog a liquid software company and creators of the JFrog Software Supply Chain Platform, has debuted  JFrog ML, a MLOps solution as part of the JFrog Platform designed to enable development teams, data scientists and ML engineers to quickly develop…

Read more →

Cybersecurity information sharing is a crucial element of a strong security culture, and organizations should actively facilitate and encourage it to reduce human risk, a new report from KnowBe4 argues.   Called “Cybersecurity Information Sharing as an Element of Sustainable Security…

Read more →

Cybersecurity researchers at VulnCheck have exposed internal conversations between members of the Black Basta ransomware group, revealing rare insights into the groups’ tactics and actionable advice for cybersecurity defenders. The key takeaway? Black Basta generally prioritizes known weaknesses.   Extensive Use…

Read more →

Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to halt all planning against Russia, including offensive digital operations, The Record reports.  The directive, issued towards the end of last week to Cyber Command chief General Timothy Haugh, heralds a…

Read more →

Eighty-six percent of commercial codebases contain vulnerabilities, with 81% harboring high-or-critical-risk vulnerabilities, new research from Black Duck has revealed.   The 2025 Open Source Security and Risk Analysis (OSSRA) report drives home the massive risk posed by outdated and unmonitored open-source…

Read more →

Microsoft has amended recent civil litigation to name key developers of malicious tools designed to bypass AI safeguards, including those in Azure OpenAI Service.   The legal action targets four individuals—Arian Yadegarnia (Iran), Alan Krysiak (UK), Ricky Yuen (Hong Kong), and…

Read more →

Notorious ransomware gang Qilin has claimed responsibility for the 3 February attack on Lee Enterprises, an American media company.  On its data leak site, Qilin claimed to have stolen 350 GB of data, including “investor records, financial arrangements that raise…

Read more →

The landscape of cybersecurity threats presents increasingly dire challenges for organisations worldwide. According to IBM’s 2024 Cost of a Data Breach Report, the global average cost of a data breach has reached an all-time high of $4.88 million, representing a…

Read more →

The Cleveland Municipal Court, including Cleveland Housing Court, will remain closed today, one week after it was hit by a cyber event.  On its Facebook page on 24 February, it said it is currently investigating a cyber incident. Although it…

Read more →

While cybersecurity threats dominate discussions about data protection, physical access security remains a critical, often overlooked aspect of safeguarding data centers. Even the most advanced firewalls and encryption protocols cannot prevent a breach if unauthorized people can directly access servers,…

Read more →

Check Point Research (CPR) has uncovered a sophisticated cyber campaign leveraging a vulnerable Windows driver to disable security protections, evade detection, and deploy malicious payloads.  They identified a large-scale, ongoing attack campaign that abuses a legacy version of the Truesight.sys…

Read more →

The inaugural International AI Safety Report provides a comprehensive insight into General-purpose AI’s current state, future potential, and associated risks. General-purpose AI refers to AI models or systems that can perform a wide variety of tasks, as opposed to Specialized…

Read more →

Windows CE, a decades-old operating system originally designed for embedded systems, remains a crucial component of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) environments.  However, despite its widespread use in human-machine interfaces (HMI), kiosks, and even…

Read more →

Vast numbers of misconfigured Access Management Systems (AMS) across the globe are exposed to the public Internet, researchers from Internet Index Search Solution provider Modat have revealed.  The vulnerabilities, which span a wide range of industries—including critical sectors like construction,…

Read more →

Researchers at Palo Alto Networks have identified a new Linux malware strain dubbed Auto-Color, which uses cunning, advanced stealth techniques to slip through the security nets and maintain persistence on compromised systems.   The malware, first detected in early November last…

Read more →

At a time when artificial intelligence (AI) is reshaping cybersecurity, conventional approaches to passwords and endpoint management are increasingly vulnerable. AI-powered threats are rapidly evolving, leveraging automation and deep learning to crack passwords, slip past authentication measures, and exploit weaknesses…

Read more →

The Trump administration is set to significantly weaken the CHIPS Act by terminating hundreds of employees at the National Institute of Standards and Technology (NIST), the agency responsible for administering the semiconductor incentive program.    President Biden signed the bipartisan CHIPS…

Read more →

Cybersecurity researchers at SentinelLABS have uncovered a new campaign linked to the long-running Ghostwriter operation, targeting Belarusian opposition activists and Ukrainian military and government entities.   The campaign, which entered its active phase in late 2024, is ongoing, with recent malware…

Read more →

AI has become stronger each year as more industries adopt this technology. Superintelligence is on the horizon, so industry professionals must be one step ahead through superalignment. How could U.S. regulations factor into the equation? Here’s what you should know…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory on Ghost (Cring) ransomware.   The advisory, titled #StopRansomware: Ghost…

Read more →

A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication.   This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain…

Read more →

Cisco Talos has been actively tracking reports of extensive intrusion attempts targeting multiple major U.S. telecommunications companies. First identified in late 2024 and subsequently confirmed by the US government, this activity is attributed to a highly advanced threat actor known…

Read more →

In a newly seen phishing campaign, malicious actors have exploited URL manipulation techniques to obfuscate their malicious links, compromising businesses and individuals worldwide.   Check Point researchers identified a whopping 200,000 phishing emails abusing URL information to hide phishing links, with…

Read more →

2025 promises to be a big year in cybersecurity—for all the wrong reasons. While many are familiar with the projection that cybercrime will cost $10.5 trillion, Forrester’s updated report projects the costs will likely be closer to $12 trillion. To…

Read more →

The second annual Fortra State of Cybersecurity Survey is here. It reveals that organizations are ensuring their foundational and fundamental cybersecurity position is robust to combat more sophisticated threats and comply with more stringent regulations. We also see a rise…

Read more →

By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…

Read more →

Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…

Read more →

Ransomware attacks are no longer a question of “if” but “when” or even “how often”. In this candid interview, Nigel Sampson, a cybersecurity professional, chatted to Joe Pettit, Director at Bora, to share his experience dealing with a LockBit ransomware…

Read more →

Cybercrime-as-a-Service (CaaS) is more than just a trend—it’s here to stay. As sophisticated attack tools become widely (and easily) available, even less experienced cybercriminals can now carry out highly disruptive campaigns.   In fact, Malware-as-a-Service (MaaS) now makes up 57% of…

Read more →

A recent analysis by cybersecurity firm Hudson Rock on its Infostealers site has uncovered alarming vulnerabilities within the US military and its defense contractors due to widespread info stealer malware infections.   According to the company, these infections have compromised sensitive…

Read more →

There are two types of companies, as the saying goes: those that have been hacked and those that don’t know they’ve been hacked. This is especially true in financial services. According to the IMF’s Global Financial Stability Report, nearly one-fifth…

Read more →

Researchers from Trend Micro’s Threat Hunting team have uncovered a new technique employed by the advanced persistent threat (APT) group dubbed Mustang Panda or Earth Preta.   The cyberespionage group has been abusing the Microsoft Application Virtualization Injector (MAVInject.exe) to stealthily…

Read more →

The Qualys Threat Research Unit (TRU) has uncovered two significant vulnerabilities in OpenSSH, a widely used open-source implementation of the Secure Shell (SSH) protocol.   These flaws, tracked as CVE-2025-26465 and CVE-2025-26466, pose substantial security risks to enterprise infrastructure and encrypted…

Read more →

Various threat actors and organizations are expected to undergo significant changes. Deep and Dark Web (DDW) marketplaces will likely be influenced and governed by law enforcement operations and geopolitical factors, while ransomware, digital extortion, and social engineering will continue to…

Read more →

South Korea has formally suspended new downloads of the Chinese AI chatbot DeepSeek, citing concerns over data privacy and compliance with domestic regulations. The suspension took effect on 15  February, according to the Personal Information Protection Commission (PIPC).   While downloads…

Read more →

In the last year, we’ve seen threats become more elaborate and tactical as they leverage the latest technologies. In 2024, data breaches reached the second highest level on record, with 3,158 compromises on the year exposing the data of more…

Read more →

Microsoft Threat Intelligence has uncovered a new variant of XCSSET, a sophisticated modular macOS malware that targets users by infecting Xcode projects. While the latest variant has only been observed in limited attacks, security researchers warn that its enhanced capabilities…

Read more →

As entities of every sector move more apps and workloads to the cloud, security is becoming a top priority. Microsoft Azure, one of the world’s most popular cloud platforms, provides a range of security tools and best practices to help…

Read more →

Jeremiah Fowler, an experienced cybersecurity researcher at vpnMentor and co-founder of Security Discovery, has uncovered a massive data exposure involving nearly 2.7 billion records linked to Mars Hydro, a China-based manufacturer of IoT-enabled grow lights.   The breach, which included sensitive…

Read more →

In MS SQL Server, master database is the primary database that stores system information. This includes login details, linked servers, endpoints, system configurations, existence of other databases, etc. If the master database gets corrupted or damaged, the SQL Server service…

Read more →

eSentire’s Threat Response Unit (TRU) has uncovered a new cyber espionage campaign leveraging a legitimate Adobe executable to sideload the EarthKapre/RedCurl loader. The attack specifically targeted a firm in the Legal Services industry, highlighting the group’s persistent focus on corporate…

Read more →

Two years ago this summer, I became a single mum. It was a bit of a hectic time. I was pregnant with my second child, and my toddler was full of energy. I needed to quickly learn how to balance…

Read more →

Midsized to large organizations often employ a large number of tools and have many interconnected relationships with other organizations and external users. With a complex network of technologies, users, and partners, it can be challenging to maintain control over every…

Read more →

Espionage actors linked to China may be diversifying their operations, as new evidence points to the use of espionage tools in a recent ransomware attack against a South Asian software and services company.   Symantec Threat Intelligence reports that the attack,…

Read more →

The Inside Man is security training like no other. Now in its sixth season, KnowBe4’s Netflix-style security awareness video series boasts a compelling storyline, memorable characters, and, most noticeably, a budget other training providers could only dream of. But does…

Read more →

As people celebrate Valentine’s Day today, malicious actors are jumping on the love bandwagon in an opportunity to exploit heightened emotions and consumer spending with a wave of scam emails.  According to the latest findings from Bitdefender Antispam Lab, a…

Read more →

Storytelling is one of the most ancient and effective forms of human teaching. Just like prehistoric tales warned of the perils lurking in the wild, modern narratives can teach people about the perils lurking in cyberspace. We recently sat down…

Read more →

The growing momentum behind business innovation, particularly in the realm of AI and data, is increasingly driving how businesses operate, invest, and deliver value. Whilst this may not appear different from previous years, the proliferation of new technologies and tools…

Read more →

The Russia-linked threat actor known as Seashell Blizzard has assigned one of its subgroups to gain initial access to internet-facing infrastructure and establish long-term persistence within targeted entity, a Microsoft report has revealed.  Also dubbed APT44, BlackEnergy Lite, Sandworm, Telebots,…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a new Secure by Design Alert warning about the risks posed by buffer overflow vulnerabilities in software.   The alert, titled “Eliminating Buffer Overflow Vulnerabilities,”…

Read more →

Small and medium-sized businesses are highly vulnerable to Business Email Compromise (BEC) attacks. Threat actors are evolving, exploiting human error and trust while leveraging automation tools and AI. To shed light on this evolving threat, Information Security Buzz spoke with…

Read more →

In the short time since its debut, DeepSeek has made waves in the AI industry, garnering praise as well as scrutiny. The model’s meteoric rise has fueled debate over its claimed efficiency, intellectual property worries, and its general reliability and…

Read more →

Ransomware payments decreased by 35.82% year-over-year (YoY) in 2024, research from Chainalysis has revealed. The blockchain analytics company attributes much of this decrease to increased law enforcement actions, improved international collaboration, and a growing refusal of victims to pay.   While,…

Read more →

The UK and the US have opted not to sign an international agreement on artificial intelligence (AI) at a global summit held in Paris. The declaration—endorsed by multiple countries including France, China, and India—commits to an “open,” “inclusive,” and “ethical”…

Read more →

As IT environments grow increasingly complex, the necessity for advanced security measures at the endpoint level has never been more critical. This year will bring a wave of new challenges and opportunities in cybersecurity. Two prominent trends that will shape…

Read more →

Cybercriminals are rapidly evolving their tactics for exploiting large language models (LLMs), with recent evidence showing a surge in LLMjacking incidents. Since Sysdig TRT first discovered LLMjacking in May 2024,  it says attackers have continuously adapted, targeting new models such…

Read more →

Organizations are increasingly prioritizing compliance due to recent regulatory requirements, such as those from the US Government regarding the sale of software to the US government and the EU’s Digital Operational Resilience Act (DORA).   This was one of the findings…

Read more →

Sectigo has introduced Sectigo PQC Labs, a testing platform developed in collaboration with Crypto4A, a provider of quantum-safe Hardware Security Modules (HSMs).   The platform aims to help companies prepare for the transition to post-quantum cryptography (PQC) by offering a secure…

Read more →

The software industry is full of surprises. From development to user experience, it`s a vast avenue of innovations, problem-solving, and security hurdles, driving to create a better and reliable digital landscape for everyone. We spoke with Paul Davis, Field CISO at JFrog,…

Read more →

Morphisec Threat Labs has uncovered cunning new delivery techniques used by ValleyRAT, a sophisticated multi-stage malware attributed to the Silver Fox APT.   The malware, which primarily targets key roles in finance, accounting, and sales, has evolved with updated tactics, techniques,…

Read more →

For long-time cybersecurity industry veterans, we’re in an age that once we never thought possible; cybersecurity has moved from a backroom, “IT-only” relegation to a top-of-mind business objective. Right where we always thought it should be. However, this new era…

Read more →

A recent security analysis conducted by Qualys, using its AualysTotalAI solution, has raised significant concerns about DeepSeek-RI’s risks, particularly in enterprise and regulatory settings.  The newly released large language model (LLM) has captured global attention with its promise of high…

Read more →