Tag: Information Security Buzz

Data centers have become integral to modern companies, considering the amount of information necessary for operations. These systems remain in place most of the time, but your business could determine it is time to move. How can you ensure safety…

Read more →

The cybersecurity landscape is marked by sophisticated malware strains designed to harvest sensitive data, get a foothold on company networks, and generally wreak havoc. A new report from ReliaQuest examines five malware variants that have recently impacted the threat landscape…

Read more →

Claims on cyber insurance have dropped by more than a third between 2022 and 2024, despite more organizations than ever having this type of cover. This was revealed in Databarracks’ Data Health Check – an annual survey of 500 UK…

Read more →

In a year marked by significant shifts in the cybercrime landscape, 2024 is on track to become the highest-grossing year for ransomware, even as overall illicit activity on the blockchain has declined by nearly 20% year-to-date. This trend highlights the…

Read more →

Sophos researchers have uncovered a new tool, EDRKillShifter, that malicious actors are using to target endpoint detection and response (EDR) systems. The discovery came after an unsuccessful ransomware attack in May. The threat actors deployed the tool to disable endpoint…

Read more →

Background check provider National Public Data (NPD) has confirmed a data breach after hackers leaked a stolen database containing millions of Social Security numbers and other sensitive information. The compromised data reportedly includes names, email addresses, phone numbers, Social Security…

Read more →

Cybersecurity has never been something to set once and leave running in the background—it is a constantly evolving landscape. While the migration of data and applications to the cloud provides numerous business benefits, many organisations struggle to secure their networks…

Read more →

Over the last few years, attacks against the healthcare sector have been severe and widespread, targeting sensitive patient data and critical medical operations. The 2020 ransomware attack on Universal Health Services, which led to the shutdown of systems across 400…

Read more →

Remember the Hydra, the multi-headed creature from Greek mythology? Warriors attempting to slay the beast faced a seemingly impossible challenge: when they cut off one head, multiple heads re-emerged. Security teams entrusted with Identity and Access Management (IAM) can relate…

Read more →

Researchers from Kaspersky have detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government entities and IT organizations. The bad actors infected devices via phishing emails with malicious shortcut attachments. These shortcuts were used to deliver…

Read more →

A Moscow-based Russian national, Georgy Kavzharadze, has been sentenced to 40 months in federal prison for selling stolen financial information on the dark web marketplace known as Slilpp. The US Attorney’s Office for the District of Columbia announced that Kavzharadze,…

Read more →

Malware loaders are a significant threat in the cybersecurity landscape, with nearly 40% of all malware observed in critical security incidents involving these specialized tools. Among the most prevalent loaders are “SocGholish,” “GootLoader,” and “Raspberry Robin,” which have been frequently…

Read more →

The World Wide Web is the greatest tool for sharing information humankind has ever created. Unfortunately, lies and fake news spread over the Internet just as well. It is so easy for disinformation to proliferate online that it takes the…

Read more →

In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email…

Read more →

The US Department of Commerce’s National Institute of Standards and Technology (NIST) has officially released its first set of finalized encryption standards designed to withstand attacks from quantum computers. These post-quantum encryption standards are expected to secure a wide array…

Read more →

Twitter, recently rebranded as “X,” is under increased scrutiny after nine additional complaints were filed across Europe, alleging the company unlawfully used the personal data of over 60 million EU/EEA users to train its AI technologies without their consent. This…

Read more →

A staggering 94% of companies have fallen victim to phishing attacks over the last year, while 91% experienced data loss or exfiltration incidents. It’s not surprising, then, that 95% of cybersecurity leaders are increasingly stressed about email security, particularly phishing…

Read more →

Medical organizations must implement robust cybersecurity solutions due to the sensitivity of the data they handle and the increasing frequency of cyberattacks. As these organizations rely more heavily on technology for storing and managing patient data in the digital era,…

Read more →

Cybercriminals have significantly increased their use of data-exfiltration tools, which are highly effective for stealing sensitive data and evading detection. This was revealed in a recent report by ReliaQuest, which highlights the evolving strategies of threat actors in the digital…

Read more →

In the evolving financial services landscape, Application Programming Interfaces (APIs) have become fundamental tools for facilitating seamless digital transactions and interactions. However, as the reliance on these technologies grows, so does the need for stringent API security. Ensuring the safety…

Read more →

Modern technology has led to the rise of self-driving cars. While advantageous in some aspects, the autonomous vehicle concept introduces cybersecurity challenges. There is also innovation and concern with aviation cybersecurity and autonomous aircraft. Here’s what you need to know…

Read more →

The healthcare industry is poised for a cybersecurity transformation, with passwordless authentication at the forefront. Utilizing passkeys and biometrics improves user experience and significantly strengthens data security against contemporary threats such as credential stuffing and MFA fatigue. So says Phil…

Read more →

Vectra AI, a provider of AI-driven Extended Detection and Response (XDR) solutions, has expanded its Vectra AI Platform, enhancing its ability to provide Security Operations Center (SOC) teams with a real-time view of their active posture. This expansion leverages the…

Read more →

Approximately 2.38 million customers worldwide use Amazon Web Services (AWS) to host and power their cloud-based business assets, per a recent market report. If you’re reading this, you’re probably one of them. With officially over half (50.1%) of the market…

Read more →

Advanced Computer Software Group Ltd (Advanced) is facing a provisional fine of £6.09 million following a 2022 ransomware attack that disrupted NHS and social care services. The Information Commissioner’s Office (ICO) has preliminarily determined that the company failed to implement…

Read more →

A global stop-payment mechanism developed by INTERPOL has enabled Singapore authorities to recover over USD 40 million from a business email compromise (BEC) scam, marking their largest-ever recovery of fraudulently obtained funds. On 23 July 2024, a commodity firm based…

Read more →

French cybercrime police are investigating a ransomware attack on the Grand Palais Exhibition Hall in Paris, a venue for Olympic events such as fencing and Taekwondo. According to Reuters, the central computer system of the Grand Palais was targeted, but…

Read more →

While many small businesses rely on Microsoft 365 as their default software because of its flexibility and scalability, the seemingly endless, persistent threat of cyberattacks on email security suggests that its security standards must be revised. My opinion on the…

Read more →

A US technology contractor has inadvertently exposed the personal data of 4.6 million voters and election documents from multiple counties in Illinois, sparking significant concerns over election security and voter privacy. The databases, managed by Platinum Technology Resource, were found…

Read more →

In June, the HIPAA Journal reported a story that seems to be the trifecta of insider threat, third party risk, and medical technology risk. A terminated subcontractor employee of a medical transcription service stole at least one million patient records.…

Read more →

Proficio, a Managed Detection and Response (MDR) provider, has rolled out its ProBAS Breach and Attack Simulation service. The solution “rigorously” tests businesses’ security defenses, to ensure they can prevent compromise events and detect attacks throughout the entire threat detection and…

Read more →

Security researchers at Kaspersky have uncovered a new Android spyware campaign called LianSpy, which has been used for cyberespionage against targeted Android device users in Russia. The malware, dubbed “LianSpy,” has been in operation since July 2021, quietly harvesting sensitive…

Read more →

Wristband, a developer-first authentication platform designed for B2B SaaS, has released the public beta launch of its B2B authentication platform. Jim Verducci, CEO of Wristband, says building robust B2B authentication in-house is a complex and time-consuming process that can take…

Read more →

The cyber espionage group dubbed Evasive Panda (also known as StormBamboo and previously tracked as StromCloud) compromised an unnamed Internet Service Provider (ISP) in mid-2023 to push malicious software updates to target entities. This incident marks a significant escalation in…

Read more →

Infosec Institute, a cybersecurity education provider, is parterning with Career.io, a provider of professional career-development products and services. This collaboration aims to offer comprehensive career services to students enrolled in Infosec’s Immersive Boot Camps, equipping them with the skills and…

Read more →

A recently discovered vulnerability in the Domain Name System (DNS), dubbed ‘Sitting Ducks,’ has left millions of domains susceptible to hijacking. This attack vector, actively exploited since 2019, enables threat actors to deliver malware, phish, impersonate brands, and exfiltrate data.…

Read more →

Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…

Read more →

Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created…

Read more →

Staff Reporter Over the past year, ransomware attacks have reached unprecedented levels of ambition and boldness, highlighted by a significant increase in extortion attacks. In fact, research from Zscaler ThreatLabz revealed an unparalleled ransom payout of $75 million – the…

Read more →

In today’s digital landscape, cybercriminals pose a perpetual threat to organisations. We are repeatedly reminded of the consequences of inadequate cybersecurity measures. In a cybersecurity breach, response time is critical to mitigating damage. Most cyber-attacks are like wildfires. Without the…

Read more →

Today’s businesses rely heavily on technology to streamline operations, enhance productivity, and connect with customers. However, this dependency has also opened the door to a growing threat: ransomware attacks. By 2031, the cost of ransomware attacks is estimated to reach…

Read more →

In the complex world of compliance, professionals deal with many responsibilities that go well beyond just cybersecurity.  Compliance can encompass areas such as financial regulations, anti-money laundering practices, and safety standards, each requiring its own set of specialized skills; however,…

Read more →

Home users and businesses use NAS (Network-Attached Storage) to store and manage data clearly and organise it and make it easy to access. With simplified scripts and hardware pre-installed with an optimised operating system, the NAS architecture helps improve the…

Read more →

In today’s digital world, cybersecurity is a top concern for organizations of all sizes. As our reliance on technology grows, so do the risks associated with cyber threats. Many organizations are turning to threat intelligence as a critical component of…

Read more →

We live in an era where customers demand convenience and instant gratification and want to use their smartphones and mobile devices to access their apps and services instantly. At the same time, trust in established brands such as Google or…

Read more →

The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…

Read more →

The human factor often plays a role in data breaches, primarily because their inherent biases can be exploited. This vulnerability is especially pronounced in the digital age, where user authentication is a cornerstone of online applications and services. The most…

Read more →

2024 has ushered in a slew of new cybersecurity challenges. Gone are the days of simple firewalls and antivirus software; we’ve entered an era where AI battles AI, quantum computing looms like a cryptographic doomsday clock, and our fridges might…

Read more →

For all of Artificial Intelligence’s advantages, getting it wrong can be costly, says Bartek Roszak, Head of AI at STX Next The potential of Artificial Intelligence seems limitless, from AI-powered recommendation engines to reinforcement learning. However, the rush to implement…

Read more →

In an era where everything IT-leaning is getting leaner, meaner, faster, and more secure, we need to make sure not to leave file transfers behind. As the security and IT landscapes modernize, organizations are increasingly looking for a way to…

Read more →

Digital Rights Management (DRM) systems are a crucial tool for protecting digital content from unauthorized access or reproduction. Whether you’re a content creator looking to protect your intellectual property or a business looking to protect revenue streams, DRM is an…

Read more →

Today’s digital era is seeing the line between reality and fabrication become increasingly blurred, thanks to the advent of deepfake technology. Deepfakes are AI-generated videos or audio that convincingly mimic real people, making it appear like they said or did…

Read more →

In an age marked by frequent data breaches and cyber threats, organizations must follow strict regulatory standards to protect their sensitive and proprietary data. To remain compliant, they must also adhere to specific rules and guidelines aimed at data protection,…

Read more →