Tag: Information Security Buzz

The Trump administration is set to significantly weaken the CHIPS Act by terminating hundreds of employees at the National Institute of Standards and Technology (NIST), the agency responsible for administering the semiconductor incentive program.    President Biden signed the bipartisan CHIPS…

Read more →

Cybersecurity researchers at SentinelLABS have uncovered a new campaign linked to the long-running Ghostwriter operation, targeting Belarusian opposition activists and Ukrainian military and government entities.   The campaign, which entered its active phase in late 2024, is ongoing, with recent malware…

Read more →

AI has become stronger each year as more industries adopt this technology. Superintelligence is on the horizon, so industry professionals must be one step ahead through superalignment. How could U.S. regulations factor into the equation? Here’s what you should know…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory on Ghost (Cring) ransomware.   The advisory, titled #StopRansomware: Ghost…

Read more →

A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication.   This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain…

Read more →

Cisco Talos has been actively tracking reports of extensive intrusion attempts targeting multiple major U.S. telecommunications companies. First identified in late 2024 and subsequently confirmed by the US government, this activity is attributed to a highly advanced threat actor known…

Read more →

In a newly seen phishing campaign, malicious actors have exploited URL manipulation techniques to obfuscate their malicious links, compromising businesses and individuals worldwide.   Check Point researchers identified a whopping 200,000 phishing emails abusing URL information to hide phishing links, with…

Read more →

2025 promises to be a big year in cybersecurity—for all the wrong reasons. While many are familiar with the projection that cybercrime will cost $10.5 trillion, Forrester’s updated report projects the costs will likely be closer to $12 trillion. To…

Read more →

The second annual Fortra State of Cybersecurity Survey is here. It reveals that organizations are ensuring their foundational and fundamental cybersecurity position is robust to combat more sophisticated threats and comply with more stringent regulations. We also see a rise…

Read more →

By 2025, the first major breach of a knowledge management generative artificial intelligence (Gen AI) solution chatbot will make global headlines. This will mark a turning point in cybersecurity for all industries. The widespread adoption of Gen AI-based business solutions…

Read more →

Cyberattacks in the automotive industry are on the rise. They’re also becoming more impactful. And the gap between the risk landscape and organizational resilience is growing. Automotive cybersecurity is at a critical moment, and the choice is clear: close the…

Read more →

Ransomware attacks are no longer a question of “if” but “when” or even “how often”. In this candid interview, Nigel Sampson, a cybersecurity professional, chatted to Joe Pettit, Director at Bora, to share his experience dealing with a LockBit ransomware…

Read more →

Cybercrime-as-a-Service (CaaS) is more than just a trend—it’s here to stay. As sophisticated attack tools become widely (and easily) available, even less experienced cybercriminals can now carry out highly disruptive campaigns.   In fact, Malware-as-a-Service (MaaS) now makes up 57% of…

Read more →

A recent analysis by cybersecurity firm Hudson Rock on its Infostealers site has uncovered alarming vulnerabilities within the US military and its defense contractors due to widespread info stealer malware infections.   According to the company, these infections have compromised sensitive…

Read more →

There are two types of companies, as the saying goes: those that have been hacked and those that don’t know they’ve been hacked. This is especially true in financial services. According to the IMF’s Global Financial Stability Report, nearly one-fifth…

Read more →

Researchers from Trend Micro’s Threat Hunting team have uncovered a new technique employed by the advanced persistent threat (APT) group dubbed Mustang Panda or Earth Preta.   The cyberespionage group has been abusing the Microsoft Application Virtualization Injector (MAVInject.exe) to stealthily…

Read more →

The Qualys Threat Research Unit (TRU) has uncovered two significant vulnerabilities in OpenSSH, a widely used open-source implementation of the Secure Shell (SSH) protocol.   These flaws, tracked as CVE-2025-26465 and CVE-2025-26466, pose substantial security risks to enterprise infrastructure and encrypted…

Read more →

Various threat actors and organizations are expected to undergo significant changes. Deep and Dark Web (DDW) marketplaces will likely be influenced and governed by law enforcement operations and geopolitical factors, while ransomware, digital extortion, and social engineering will continue to…

Read more →

South Korea has formally suspended new downloads of the Chinese AI chatbot DeepSeek, citing concerns over data privacy and compliance with domestic regulations. The suspension took effect on 15  February, according to the Personal Information Protection Commission (PIPC).   While downloads…

Read more →

In the last year, we’ve seen threats become more elaborate and tactical as they leverage the latest technologies. In 2024, data breaches reached the second highest level on record, with 3,158 compromises on the year exposing the data of more…

Read more →